payment with card details entering on the merchant side- af

Payment with card details entering on the merchant side- AF1. Interaction scheme of the process without 3D Secure or with a card uninvolved into 3D Secure2. Interaction scheme of the process with 3D Secure

2.1. Internal MPI2.2. External MPI2.3. Integration with use of Finish3DS method

3. Scheme of implementation on the merchant's side4. WebService interface

4.1. One-phase payment requests4.1.1. Order registration request4.1.2. Order payment request

4.1.2.1. Internal MPI.4.1.2.1.1. Return to payment gate from ACS. Classical scheme4.1.2.1.2. Return to merchant from ACS. The scheme with use of additional method Finish 3DS

4.1.2.2. External MPI.4.1.3. Order status request4.1.4. Extended order status request4.1.5. Order reversal request4.1.6. Refund request

4.2. Two-phase payment requests4.2.1. Order preauthorization request4.2.2. Order payment request

4.2.2.1. Internal MPI.4.2.2.1.1. Return to payment gate from ACS. Classical scheme4.2.2.1.2. Return to merchant from ACS. The scheme with use of additional method Finish 3DS

4.2.2.2. External MPI.4.2.3. Request for preauthorized order completion4.2.4. Order status request4.2.5. Extended order status request4.2.6. Order reversal request4.2.7. Refund request

5. REST interface5.1. One-phase payment requests

5.1.1. Order registration request5.1.2. Order payment request

5.1.2.1. Internal MPI5.1.2.1.1. Return to payment gate from ACS5.1.2.1.2. Return to merchant from ACS. The scheme with use of additional method Finish 3DS

5.1.2.2. External MPI5.1.3. Order reversal request5.1.4. Refund request.5.1.5. Order state request5.1.6. Extended order state request5.1.7. 3DS enrolled verification request5.1.8. Payment by binding request

5.2. Two-phase payment requests5.2.1. Order preauthorization request5.2.2. Order payment request

5.2.2.1. Internal MPI .5.2.2.1.1. Return to payment gate from ACS5.2.2.1.2. Return to merchant from ACS. The scheme with use of additional method Finish 3DS

5.2.2.2. External MPI .5.2.3. Order completion request5.2.4. Order reversal request5.2.5. Refund request.5.2.6. Order state request5.2.7. Extended order state request5.2.8. 3DS enrolled verification request5.2.9. Payment by binding request

6. Test cards7. Address data for connections8. Appendix 1. Response codes - actionCode description (processing answer)

The document describes a payment on the merchant side.

1. 2.

3.

4. 5. 6.

7. 8. 9.

10.

1. Interaction scheme of the process without 3D Secure or with a carduninvolved into 3D SecureThe scheme is represented on the diagram below:

Description:

The cardholder forms an order on the merchant site (online store) and chooses to pay for the order by bank card.When the order is confirmed by the client, the merchant system registers the order in the payment gate. The following parameters areused for order registering: amount to be charged and currency of the expected payment, internal order number and merchant URL forclient redirecting after payment.The payment gate responds with a unique identifier of the registered order and URL of the payment form that the client should beredirected to.Online store redirects the client's browser to its payment page for entering of card details.The cardholder enters his bank card details on the online store payment page and sends the data.The merchant sends a payment request to the payment gate. The following data are necessary for payment: order number in thepayment gate (received at the 3rd step), language, card details - PAN, CVC, expiry year and month, cardholder name.After the payment details were received (PAN etc.) the system verifyes if the bank and the card are involved into 3d secure.If the bank or the card is not involved into 3d secure, the amount is deposited from the client's account.The payment gate returns the payment status.The merchant system sends the page with payment results to the client's browser.

2. Interaction scheme of the process with 3D SecureThe scheme is represented on the diagrams below:

2.1. Internal MPI

1. 2.

3.

4. 5. 6.

7.

8.

9. 10. 11.

12. 13. 14. 15.

Description:

The cardholder forms an order on the merchant site (online store) and chooses to pay for the order by bank card.When the order is confirmed by the client, the merchant system registers the order in the payment gate. The following parameters areused for order registering: amount to be charged and currency of the expected payment, internal order number and merchant URL forclient redirecting after payment.The payment gate responds with a unique identifier of the registered order and URL of the payment form that the client should beredirected to.Online store redirects the client's browser to its payment page for entering of card details.The cardholder enters his bank card details on the online store payment page and sends the data.The merchant sends a payment request to the payment gate. The following data are necessary for payment: order number in thepayment gate (received at the 3rd step), language, card details - PAN, CVC, expiry year and month, cardholder name.After the payment details were received (PAN etc.) the system verifyes if the card is involved into 3d secure, including use of DirectoryServer.Verification result is transferred to the merchant (card involvement + URL of the issuing bank ACS server, where authentication of theclient should be executed).Merchant system redirects the client's browser to the issuing bank ACS.The cardholder (client) authenticates on the issuing bank ACS.After the cardholder authentication the issuing bank ACS redirects the client to the payment gate transferring PARes. The payment gateauthorizes the order if the client authentication on the ACS is successful, or the order preauthorization may be declined if the clientauthentication on the ACS faild.The client is redirected to the merchant page with payment results.The merchant sends the order status request to the payment gate.The payment gate returns the payment status.The merchant system sends the page with payment results to the client's browser.

2.2. External MPI

1. 2. 3. 4.

5. 6. 7. 8. 9.

10.

11. 12. 13. 14.

Description:

The cardholder forms an order on the merchant site (online store) and chooses to pay for the order by bank card.Online store redirects the client's browser to its payment page for entering of card details.The cardholder enters his bank card details on the online store payment page and sends the data.After the payment details were received (PAN etc.) the merchant verifyes if the card is involved into 3d secure, including use of DirectoryServer.Merchant system redirects the client's browser to the issuing bank ACS.The cardholder (client) authenticates on the issuing bank ACS.After the cardholder authentication the issuing bank ACS redirects the client to the merchant transferring PARes.The merchant sends order registration request to the payment gate.The payment gate returns a unique order number in the payment gate system.The merchant sends a payment request to the payment gate. The following data are necessary for payment: order number in thepayment gate (received at the 9th step), language, card details (PAN, CVC, expiry year and month, cardholder name) cavv, xid, eci.The payment gate sends payment results to the merchant.The merchant sends the order status request to the payment gate.The payment gate returns the payment status.The merchant system sends the page with payment results to the client's browser.

2.3. Integration with use of Finish3DS method

1. 2.

3.

4. 5. 6.

7.

8.

9. 10. 11. 12. 13. 14. 15. 16. 17.

Description:

The cardholder forms an order on the merchant site (online store) and chooses to pay for the order by bank card.When the order is confirmed by the client, the merchant system registers the order in the payment gate. The following parameters areused for order registering: amount to be charged and currency of the expected payment, internal order number and merchant URL forclient redirecting after payment.The payment gate responds with a unique identifier of the registered order and URL of the payment form that the client should beredirected to.Online store redirects the client's browser to its payment page for entering of card details.The cardholder enters his bank card details on the online store payment page and sends the data.The merchant sends a payment request to the payment gate. The following data are necessary for payment: order number in thepayment gate (received at the 9th step), language, card details - PAN, CVC, expiry year and month, cardholder name.After the payment details were received (PAN etc.) the system verifyes if the card is involved into 3d secure, including use of DirectoryServer.Verification result is transferred to the merchant (card involvement + URL of the issuing bank ACS server, where authentication of theclient should be executed).Merchant system redirects the client's browser to the issuing bank ACS.The cardholder (client) authenticates on the issuing bank ACS.After the authentication the issuing bank ACS redirects the client to the merchant.The PARes received from ACS is transfered to the merchant.The merchant sends the PARes to the payment gate using Finish3DS method.The payment gate returns the payment result.The merchant sends the order status request to the payment gate.The payment gate returns the payment status.The merchant system sends the page with payment results to the client's browser.

1. 2. 3.

3. Scheme of implementation on the merchant's sideFor scheme without 3D Secure, there are the following automatic interactions between the merchant system and the payment gate:

2, 36, 8

For scheme with 3D Secure, there are the following automatic interactions between the merchant system and the payment gate:

2, 36, 914, 16

These interactions are synchronous, i.e. requesting side must wait for a response or timeout to continue. Interactions are also unilateral: themerchant system sends requests to the payment gate, not the other way. To implement these interactions developers can use API provided bythe payment gate consisting of the requests:

Register the order;Pay/preauthorize the orderAuthorize the order

4. WebService interfaceDescription (WSDL) of the service can be found on the test server that is available without restrictions. For the exact address see "Address datafor connections" section.

For successful authorization purposes each request should include login and password of the merchant that were produced during registration ofthe merchant. Values of the login and password are sent in the format described in the WS-Security specification, authorization type UsernameTo

. Header for such authorization looks something like this:ken

<wsse:Securityxmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-%20wssecurity-utility-1.0.xsd"> <wsse:UsernameToken wsu:Id="UsernameToken-87"> <wsse:Username>aa</wsse:Username> <wsse:PasswordType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">123456</wsse:Password> </wsse:UsernameToken> </wsse:Security>

4.1. One-phase payment requests

4.1.1. Order registration request

Use method for order registration in the payment gate. The method is described in WSDL of the service.registerOrder

Request parameters:

Name Type Mandatory Description

merchantOrderNumber AN..32 yes Number (identifier) of the order in the merchant system. It is unique within the system

description AN..512 no Free-formed description of the order.

amount N..20 yes Order amount in minimal currency units (e.g. cents).

currency N3 no Code of the payment currency (according to ISO 4217). If it is not specified in the request, the default value isused - 810, russian rubles.

language A2 no Code of the language (according to ISO 639-1) that the payment page should be displayed in. If it is notspecified, the system uses the default language from the merchant settings.

pageView ANS..20 no This parameter indicates what type of payment interface pages should be uploaded for the payer. Possiblevalues:

DESKTOP – to upload pages designed for displaying on PC monitors (pages with names payment_<lo and from archive of payment interface pages);cale>.html ocale>.htmlerrors_<l

MOBILE – to upload pages designed for displaying on mobile devices (pages with names mobile_pay and from archive of payment interfacement_<locale>.html ocale>.htmlmobile_errors_<l

pages);If the merchant has pages with names formed by adding of some prefix to the template part of the pagename, then you can specify necessary prefix in the parameter in order to redirect client topageViewthe corresponding page. For example, if = then pages with names pageView iphone iphone_paymen

and will be used.t_<locale>.html iphone_error_<locale>.html

Where:

locale – the page language in 2-alpha code according to ISO 639-1, e.g. for Russian and forru enEnglish.

Default value is .pageView=DESKTOP

sessionTimeoutSecs N...9 no Duration of order life in seconds.

If the parameter is not specified, then the value from merchant settings is used, otherwise - the default value(1200 seconds - 20 minutes).

If the request contains parameter, the parameter is ignored.expirationDate sessionTimeoutSecs

bindingId AN..255 no Identificator of the binding, that was created earlier. May be used only if the merchant has permission to workwith bindings. If this parameter is sent in the request, that means:

1. This order may be payed only by binding;

2. The payer will be redirected to a payment page, where entering of CVC only is required.

expirationDate ANS no Date and time of termination of order life. Format: .yyyy-MM-dd'T'HH:mm:ss

If this parameter is not specified, the parameter is used to determine sessionTimeoutSecs date and timeof termination of order life.

returnUrl AN..512 yes Web address that the client should be redirected after successful payment. Absolute link must be specified.

failUrl AN..512 no Web address that the client should be redirected if the payment failed. Absolute link must be specified.

params no An additional tag with the attributes for passing additional parameters of the merchant.

Fields of additional informaiton to be stored. To send N parameters, the request must contain N tagsparams, where the attribute contains parameter name and attribute contains parameter value:name value


name AN..20 yes Name of the additional parameter

value AN..1024 yes Value of the additional parameter

These fields may be passed to the bank processing for their representation in registers.*

This functionality can be switched on during the integration period at the agreement with bank.

If notification of the client is switched on for the merchant, this tag should contain parameter with name emai which value is client's email.l

clientId AN..255 no Number of the client (identifier) in the merchant system. It is used to realise binding functionality. The requestmay contain this parameter only if the merchant is allowed to use bindings.

merchantLogin AN..255 no To register the order from the name of the child merchant, specify its login in this parameter.

* By default the following fields are passed to the bank processing:

orderNumber – order number in the merchant system;description – order description (not more than 99 simbols, the following simbols are forbidden to use - %, +, \r, \n).

If additional parameter with name is sent with the order, then its value will be passed to the bank processing asmerchantOrderIdorder number (instead of value of field).orderNumber

Response parameters:


orderId ANS36 no Order number in the payment gate. It is unique within the gate. Absent if order registration failed (error is described bythe parameter).errorCode

formUrl AN..512 no URL of the payment form that the client's browser should be redirected to. Absent if order registration failed (error isdescribed by the parameter).errorCode

errorCode N3 no Code of the error that occurred during registration of the order.

errorMessage AN..512 no Description of the error in the language specified in the parameter of the request.language

Possible codes for errors (the field):errorCode

Value Description

0 No system error

1 Incorrect order number

1 Order with this number is already registered in the system

3 Unknown currency

4 Empty emount

4 Order number is empty

5 Invalid value of one of the parameters

5 Access denied

5 The user must change his password

7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:registerOrder> <order merchantOrderNumber="78ds901234567890" description=" "amount="15000" currency=" " language=" " pageView="DESKTOP"sessionTimeoutSecs=" " bindingId=" " expirationDate="2014-09-08T14:14:14"> <returnUrl>https://web.rbsuat.com/ab/finish.html</returnUrl> <params name="param1" value="valueParam1"/> <params name="param2" value="valueParam2"/> <clientId>666</clientId> <merchantLogin> </merchantLogin> </order> </mer:registerOrder> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:registerOrderResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return orderId="05fcbc62-7ee6-4f1a-b3d5-6ca41a982283"errorCode="0" errorMessage="Success"> <formUrl>https://web.rbsuat.com/ab/payment_ru.html?mdOrder=05fcbc62-7ee6-4f1a-b3d5-6ca41a982283 </formUrl> </return> </ns1:registerOrderResponse> </soap:Body> </soap:Envelope>

4.1.2. Order payment request

For payment use request. paymentOrder

The payment gate allows merchatn to use both internal and external MPI.

Validation of card data is performed in accordance with the table:

Name Description Validation

pan Full card number Luna validation (checking if the card number is real), the number of digits in the card number - from13 to 20

cvc CVC code 3 digits

year, month Year, month of cardexpiry

The date in present or future. It the card expiry is a current month, the payment is possible untis theend of the month

cardholderName Cardholder name Is not verified

4.1.2.1. Internal MPI.

Request parameters:


orderId ANS36 yes Order number in the payment gate. Unique within the gate.

pan N..20 yes Card number

cvc N..3 yes CVC

year N..4 yes Expiry year

month N..2 yes Expiry month

cardholderName A..512 yes Cardholder name

language A..2 yes Response language

ip AN..19 no IP address of the payer

email ANS..* no Email address of the payer. If the merchant intends to send notifications about operations with the order to thepayer, this parameter should be specified.

params no An additional tag with the attributes for passing additional parameters of the merchant.*

* Fields of additional informaiton to be stored. These filds may be transferred to a bank processing in order to display them in registers.**

This functionality may be enabled under the agreement with the bank during the integration. To send N parameters, the request must contain N p tags, where the attribute contains the name and attribute contains the value:arams name value


name AN..20 yes Name of the parameteradditional

value AN..1024 yes Value of the parameteradditional

** Fields and its are sent to the bank processing by default (not more than 99 simbols, the following simbols areorderNumber descriptionforbidden to use - %, +, \r, \n)



errorCode N..1 yes Code of the error that occurred in the process of the refund.

errorMessage AN..512 no Description of the error in the language specified in the Language field of the request.

info AN..512 no The result of the payment attempt. Possible values are represented below:

Your order is proceeded, redirecting...Operation declined. Please check the data and available balance of the card. Redirecting...Sorry, payment cannot be complete. Redirecting...Payment declined. Please, contact with merchant. Redirecting...Payment declined. Please, contact with merchant. Redirecting...Payment declined. Please, contact with your bank. Redirecting...Payment declined. Please, contact with your bank. Redirecting...Can't connect with your bank. Please, contact with your bank. Redirecting...Processing timeout. Please, try again later. Redirecting...

redirect AN..512 no Address for redirect

acsUrl AN..512 no Is not used in payments, that does not require additional authentication on Issuing bank ACS.

paReq AN..512 no Is not used in payments, that does not require additional authentication on Issuing bank ACS.


Value Description

0 No system error

5 Access denied


5 There are no payment attempts any more of the session is expired

5 Data validation error

7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header> <soapenv:Body> <mer:paymentOrder> <order orderId="09808814-eb60-4cea-86bb-ed849dbe7ae9" year="2015"month="12" pan="4111111111111111" cvc="123" cardholderName="A Moriarty"language="ru" ip="?"> <!-Zero or more repetitions:-> <params name="name" value="value"/> </order> </mer:paymentOrder> </soapenv:Body> </soapenv:Envelope>

Response example in case of payment, that does not require additional authentication on Issuing bank ACS:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:paymentOrderResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return info="Your order is proceeded, redirecting..."redirect="www.ya.ru?MDORDER=6d295b5b-84c3-44cd-adea-c0eaca122465&ANSWER=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22UTF-8%22%3F%3E%0A%3CPSApiResult+primaryRC%3D%220%22+secondaryRC%3D%220%22%2F%3E&STATE=payment_deposited&ACTION_CODE=0&AUTH_CODE=2" errorCode="0"/> </ns1:paymentOrderResponse> </soap:Body></soap:Envelope>

Response example in case of 3DS-payment, that requires additional authentication on Issuing bank ACS:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:paymentOrderResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return errorCode="0" info="Your order is proceeded,redirecting..." redirect="https://web.rbsuat.com:443/ab/rest/finish3ds.do"acsUrl="https://web.rbsuat.com/acs/auth/start.do"paReq="eJxVUk1zgjAQ/SsM95KEr1pnjUOLnXqgYxUvvVHYAVQ+DFDUX99EUeshM/t2N2/3vQSmh2Kn/aJo8qqc6MyguoZlXCV5mU70dfj+NNKnHMJMIPorjDuBHAJsmihFLU8metGkBtM5LLwl7jkMTFwSGSaQK5RXRJxFZcshivev809uWzazHCADhALF3OfMtGzHfR4BuWAoowJ5iE27yqoayBlCXHVlK47ctS0gVwCd2PGsbesxIX3fG2lVpTs04qoAokpA7jssOhU1kuqQJzzwvf5yZqdPf0uDcHsM/C8WnNIJENUBSdQiNykzGaWOxujYpmNqAznnISrUDtx1XUqloguCWg3xHkr/UyC9FNLqq4wrAjzUVYmyQ/p3iyHBJr4ZodWDALmBygO5K3r7UB7HrXRvnXxvhdufxGKUdH34kiUb15mZ3k+3WSrnz01qXi79Yw67DFQAiKIhw6OS4cFl9PAR/gAOWr9V"/> </ns1:paymentOrderResponse> </soap:Body> </soap:Envelope>

If 3-D Sucure technology is required to perform payment, then after the response to the payment request has been received the merchantmust redirect the client to ACS:

For redirection to ACS the merchant, for its part, must redirect a client to the adress specified in the parameter with the body of theacsUrlrequest:

MD=mdorder&PaReq=pareq&TermUrl=redirect,

Where:

mdorder - unique order number in the payment gate system,pareq - a parameter from the response to the payment request,redirect - a parameter from the response to the payment request (address of the redirect to ACS).

The request must be in POST format.

Depending on integration scheme the client after authentication on ACS will be redirected to merchant or to the payment gate. Processes ofpayment completion for each of these cases are represented below.

4.1.2.1.1. Return to payment gate from ACS. Classical scheme

Issuing bank ACS executes authentication of the cardholder and redirects him to the payment gate sending . If the client was authorized onPAResACS successfully the payment gate authorizes the order. Otherwise the order preauthorization is declined.

4.1.2.1.2. Return to merchant from ACS. The scheme with use of additional method Finish 3DS

In this scheme issuing bank ACS executes authentication of the cardholder and redirects him to the merchant. from ACS is sent to thePAResmerchant. Then the merchant transfers it to the payment gate by the method.finish3DS

Description of is represented below: finish3DS

Request parameters:


md AN..30 yes Order number received after order registration

paRes yes Payer Authentication Response



returnUrl AN..512 no URL of the payment form, where the client's browser to be redirected.

errorCode N3 no Code of the error that occurred in the process of the refund.


If and – the payment was executed successfully. For other cases see errorCode=0 info="Your order is proceeded, redirecting" e.rrorMessage


Value Description

0 No system error.

5 Access denied


7 The order was not found

7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:finishThreeDs> <request language="ru" md="8b5b7ee5-eb5a-4cf4-81ec-7153f7ca2864"paRes="eJzFV2mzokoS/Ssd/T4at1kEkRe0EcW+WCCLgH5jBwVRWfXXD2r37ft6eiZ6ZuLFEGFYnKjMypOZp4pinPyaJLydRN01WTEwaZogSz4V8dfPi/k8JKg5+kahYfBGYPjyLcRD+i2g8GWEzRdBvEA/r5gNsJLmZZAuyZBOF28EkU4GwWQaYAk6vS5CFMXxJUlGk0GfXJuiPq2wL+gXnEG+v05rX6M8OLUrJogurKKvCJxaoCiDfHtlquSq8CuKQV4DBvlhsekeo2ZiMBbxCvJgeP0EVOeFucFnI7xnN3iAXxnkMYOJgzZZ4ShGojRKf8KwPwn8T2zJIE+cOT/cgaruJt8kSVJLmkE+YsyUrWtyim6rBTFnkPc3JhnP9SmZZkzE3scM8iO8c3BaoR8ebHom3xPKOP6KaYvql2E9caZpg7ZrVjsG+TZioqDvVwAAlp3HxN6y2ESR/LwE35+J7nMKk0TFCiWnoKb/pxUos/patHn1CPWvAIM8QkGehV0xdpGdpsWuyaexKk/N1895257/RJBhGL4M8y/1NUPwiQiC0sg0IW6K7I/PL6skVk5p/R+ZccGpPhVRUBb3oJ26AiZtXsef3mP7lRvHenjCEEvg3iZXbxFGnN4eCDrHyMkn8munH5j9zio/B3ttgrcmD7DHAj85WjFWkiaPjkg+bS3l6+c/flMZfJElTfvfRPM9ko8evvtzg7JLVuNlPjOtnlVwfrbnbntQ7I+7AtOSQfn63e41k0Hew//G7VXIDwl7TfT1ejePNAdVXfkIMMqH7mYGy9QkoRea8wW61M+L1ElSyOUdhpU05W4jqZPbaGjuylHf5GicEpcYW/MiskkxU96WNYClI6CaFt1TqSuhcc55kyRpTwjnO1gISSgKYVaLqhTPhO5uRL2qXdYQva6F5f46nkA+HrDRxjxiUft+3Sv7NVaLy68fivSNpZbcXqz8SWx80AavEZdc2yKdumXaB6CicLXDcSC7ZGBQWJApKticRPue7IpZGUKASpx9kWwlnPOmwLLmFkABjNwdqGymuyzYOaB0HWiBgc92vGuamjDE/M5X870k3qE5DNwLXwuDbtquOQoO2LxsocPJ7DnmsFuI0yhkCZ+fMgN5OOgHgML7doRiPWHKE4P3d2wweWENwVEC2FZgc8i5LhwFHhgvv7XDonoeVeJx58OR54H2whsHYKzq8oIFwfJpC0aoRFKJrn21D+fmkO2XA2/uVK3eK3kf6eDJGUzUUAAVSQW1xAJNouIiuPJmhlHbQ9WrQSOL9sHLN3FII/TZ3/ce0LqIHi6XAz8/9dvFMOvUdqeIF53ofW52OFLJkXBF6tAfeXFuoWh6ksvFYLhdejdLEVAz0z97DpSacHG7DbkPBzeMjGWHEZHkIuOMdJPh6GRX1wov+9LwlSopS733sLRRSbmw3VReJrcSZJAFQDpkgfLkJptTLSzUYNmdIOrH+TynTYyV0qKmulHTE7zcxZjcqVAGj/zEymCdoZSAfze33tpH8zBV02wGznzWWhIG1d3eBRMC4plnLoeyiYu3nWfl0V2AcErkEx8hvxXKLbSEgR+etrww5EPgm21U0X2s/NyPwzMuYTBFCCZu6T/VS3zVSwBKst+3vnkpWQ0lAjwrKulYI8Ea33nQynKUuDna7DBQxlFFtl4MsIxabtUjiVwdlcZJii5q8tpUa9l3Z50XLbzrQhENAqRjYfYzyUM20FyeO4Kul0lP35x+F9TN0t8Q93hrEFbjswN93VmdvSGMHm8NTdvUlaGug9Amp+4rubo7UhSBjI4wifdnZf5Sqqf7Q6rFD6lOXS4hSiIPLf3/lKrO7+469lepfsOGzeF/kurmweubVKWnVD09n6SY/swXTHynbtMBz7GFObkxeXs5HDtxKxLHICgCez2zyIUbHO9YN508O/GCCLWv3tf2gII28JZYIndcfkuWlJ/x0sbvgMDVoWZh55o6VFVP6Vh1qcsxXrctqElNuXp0YuiLGTKb20SrHDvtepkt3LVzG22yrSh5wuaunBlBt7vswRBzoy1elE48NN0hb2a+P/YD29VkMyg8MAFbE1Lx5MY+Ocd8Znosa9uJgYBzHyPKblPnIJMxJRZs/YxoPDs88iXbUAgc9pSxzl6niXSrm9aJuBhUYx/89uzJsUUVgSicBeVv2jptjjN5ctw280rpz9590uYjLgsKrAMmbjLyq/6c6sUCrvVZtG9LdGZut70slfUyu3DD4ZAP/Poc4K7VlEHXaFK7JLxyU/ioI+PsZayQe7W5sQf91PmeJFcmoWVidQlQOxExkG6Q3Rx4iaCChVonB3J5ktD8uuAiIxyv3GwA0NrwSrmWjRmJmbfDWRdpmZsd8UU4boPzvsFdD8HP0WZBVa0p3/xiZ/6eTFnyIVOX+y7T7fZ61zjaUqieygI1dehY48wt5w/75le7198jmZdksWm/HeEBEJNEb/ApWQF/Ys47Ngi8YHzbaR8+RPdYOqYDf/N03F76/MDVtAphvNHB0FTyItyYRRUM4amouLm9GNtzFkb8/hanqHK7pTdIC2l3GncU7WEIV2eeye1Do2yI4JCxjXZc70o5Lo1aUo+EROxbMVibdyMcJHLcgNCi7rsk2MeVpQWUVuKqOrZ6ZZDO7OaPSMu3i5zTT+s8a0aaGCipQFhRMQr/++n4yO2Pk0VgkcHkIAD/8mSBd7RPp6ovAtea407QOq4jqKejJ1b5FVPNppD3FiFnKXaXziiYB3mejm2na5q0pQrphEVwvNcnhRaoI8nZ2tq1D0VpuMt83h3PzgzX8hbvacINCxbZnLPM8DrRh2CnD2k6coG4KQ+zPdbJTlljBrsVGyXa5bgx6woxZzfa2WvndjXG8sL81cmC/PgeRN6/EX98PT6vnc9L8uOe9PHy/A9JE/bD"/> </mer:finishThreeDs> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:finishThreeDsResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return errorMessage="" errorCode="0"returnUrl="http://ya.ru?orderId=8b5b7ee5-eb5a-4cf4-81ec-7153f7ca2864"/> </ns1:finishThreeDsResponse> </soap:Body> </soap:Envelope>

4.1.2.2. External MPI.

Request parameters:


orderId ANS36 yes Order number received after order registration


cvc N..3 yes CVC





ip AN..19 no IP adress of the payer

email ANS..* no Email adress of the payer. If the merchant intends to send notifications about operations with the order to the payer,this parameter should be specified.


In case of external MPI using, RBS expects that payment request contains parameter. If this parametereach "eci"value differs from the values used for SSL-authorizations, it is also to send and " parameternecessary "xid" cavv"s.

* Fields of additional informaiton to be stored. These filds may be transferred to a bank processing in order to display them in registers. **

** This functionality may be enabled under the agreement with the bank during the integration. To send N parameters, the request must contain N tags, where the attribute contains the name and attribute contains the value.params name value

If the external MPI is used and if there is an appropriate RBS permission to use it, then the purpose of the additional parameters list also includessroring and sending to SmartVista of , , parameters.cavv xid eci


name AN..20 yes Additional parameter name

value AN..1024 yes Additional parameter value



errorCode N..1 yes Code of the error that occurred during registration of the order.

errorMessage AN..512 no Description of the error in the language specified in the Language parameter of the request.



If = 0 and = "Your order is proceeded, redirecting" - the payment was executed successfully. For other cases see errorMessage.errorCode info


Value Description

0 No system error

5 Access denied




7 System error

Example request:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header> <soapenv:Body> <mer:paymentOrder> <order orderId="f0c87e00-7b26-4573-942f-3d40596a6d43" year="2015" month="12" pan="4111111111111111" cvc="123" cardholderName="A Moriarty" language="ru" ip="?"> <!-Zero or more repetitions:-> <params name="xid" value="MDAwMDAwMDEzMzkyMjg5ODExNTc="/> <params name="eci" value="05"/> <params name="cavv" value="AAABCpEChRM5IomAKFAAAAAAAAA="/> </order> </mer:paymentOrder> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:paymentOrderResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return errorCode="0" info="Your order is proceeded,redirecting..."/> </ns1:paymentOrderResponse> </soap:Body> </soap:Envelope>

4.1.3. Order status request

To inquire state of a registered order, use the request.getOrderStatus

The order status must be determined by the value of parameter.orderStatus field is deprecated.authCode

Request parameters:


orderId ANS36 yes Order identifier in the payment gate. Unique within the gate.

language A2 no Language according to ISO 639-1. If not specified, the system uses the default language from the merchant's settings. Errormessages, if any, will be returned in this language.



orderStatus N2 no This paramater shows order status in the payment gate. Possible values are listed in the table below.Parameter is absent if no order with the specified ID was found.

errorCode N3 no Code of the error that occurred in the course of processing the request.

errorMessage AN..512 no Description of the error in the language specified in the field of the request.Language

orderNumber AN..32 yes Order number (identifier) in the merchant's system

pan N..19 no Masked number of the card that was used for payment. Specified only for paid orders.

expiration N6 no Card expiration date in the YYYYMM format. Specified only for paid orders.

cardholderName A..64 no Cardholder name. Specified only for paid orders.

amount N..20 yes Order amount in minimal currency units (e.g. cents)

currency N3 no Code of the payment's currency (according to ISO 4217).

approvalCode AN6 no IPS authorization code. The field has fixed length of six characters, it can contain both numbers and letters.

authCode N3 no This parameter is deprecated. Its value is always "2", regardless of the order status and processing system.authorization code

ip AN..20 no IP address of the computer that the order initiated on.

date ANS yes Date of order registration

orderDesctiption AN..512 yes Order description that was sent during registration

actionCodeDesctiption AN..512 yes Description of action code the language specified in the field of the request.Language

clientId AN..255 no Number of the client (identifier) in the merchant's system. Transferred, when order is registred. Present only ifcreation of ligaments is allowed for merchant.

bindingId AN..255 no Identificator of the ligament created while paying an order or used to pay for. Present only if creation ofligaments is allowed for merchant.

The orderStatus field may have the following statuses:

State number Description

0 The order is registered, but not paid yet.

1 Pre-authorisation amount was held (for two-phase payment)

2 The amount was deposited successfully

3 Authorization reversed

4 Transaction was refunded

5 Authorization through the issuer's ACS initiated

6 Authorization declined

Possible codes for errors (the errorCode field):

Value Description

0 No system error.

1 Order with this number is already registered in the system.

2 Payment is declined


5 Access denied

5 [orderId] is empty

6 Unknown order id

7 System error

:Request example

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:getOrderStatus> <order orderId="b1221b79-5703-42c9-a4b1-ed0d0f36493e"language="en"/> </mer:getOrderStatus> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:getOrderStatusResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return orderStatus="2" errorCode="0"orderNumber="456789012345678" pan="411111**1111" expiration="201512"cardholderName="Ivan" amount="15000" currency="810" approvalCode="123456"authCode="2" ip="212.5.125.194" date="2013-09-03T16:48:52.459+04:00"orderDescription=" " actionCodeDescription="Request processed successfully"clientId="666" bindingId="df0b1801-a754-4576-b174-c2485d98bc9b"/> </ns1:getOrderStatusResponse> </soap:Body> </soap:Envelope>

4.1.4. Extended order status request

To inquire about state of a registered order, use the request. getOrderStatusExtended

Request parameters:


orderId ANS36 yes* Order identifier in the payment gate. Unique within the gate.

merchantOrderNumber AN..32 yes* Order number (identifier) in the merchant'system

language A2 no Language according to ISO 639-1. If not specified, the system uses the default language from the merchant'ssettings. Error messages, if any, will be returned in this language.

* It is necessary to specify whether or in the request. If the request contains both parameters, is aorderId merchantOrderNumber orderIdpriority. There are 3 sets of response parameters. These sets depend on getOrderStatusExtended version, specified in merchant settings.

Response parameters for versions 01, 02,03:The following parameters are returned regardless version.gerOrderStatusExtended



orderStatus N2 no State of the order in the payment gate. The value is selected from the list below. Absent if no order with thespecified ID was found.

actionCode N3 yes Processing system authorization code.

actionCodeDescription AN..512 yes Action code description on the language passed in the parameter Language"




currency N3 no Code of the payment's currency (according to ISO 4217).If not specified, assumed to be 810 (Russianrubles).

date ANS yes Date of order registration.

orderDescription AN..512 no Free-formed description of the order.

ip AN..20 yes IP address of the computer that the order initiated on.

is present in the reponse if the order contains merchant additional parameters. Each additional parameter is described inElement merchantOrderParamsseparate element by the following fields: merchantOrderParams

name AN..20 no Name of additional parameter

value AN..1024 no Value of additional parameter

Element – the structure includes element and the following attributes:cardAuthInfo secureAuthInfo

maskedPan N..19 no Masked number of the card that was used for payment. Specified only for paid orders.



approvalCode AN6 no IPS authorization code.Specified only for paid orders. The field has fixed length of six characters, it cancontain both numbers and letters.

(includes element and element with parameters and ):Element secureAuthInfo eci threeDSInfo cavv xid

eci N..4 no Electronic Commerce Indicator. Set just after the payment order in the case of a permit

cavv ANS..200 no Cardholder Authentication Verification Value. Set just after the payment order in the case of a permit.

xid ANS..80 no Electronic Commerce Transaction Identifier.Set just after the payment order in the case of a permit.

consits of the following fields:Element bindingInfo

clientId AN..255 no Client number (ID) in the shop system, transferred during the order registration. Presents only if a shop isallowed to create bindings.

bindingId AN..255 no Binding identifier created during order payment or used for payment. Presents only if a shop is allowed tocreate bindings.

Response parameters for versions 02, 03:If version is 02 or higher, the following parameters are also returned along with parameters described above.getOrderStatusExtended


authDateTime ANS no Authorisation date and time

authRefNum AN..24 no Reference number

terminalId AN..10 no Terminal Id

Response parameters for version 03:If version is 03, the following parameters are also returned along with parameters described above.getOrderStatusExtended


consists of the following parameters:Element paymentAmountInfo

approvedAmount N..20 no Amount hold on the client's card (only for two-phase payments)

depositedAmount N..20 no Amount confirmed for deposit

refundedAmount N..20 no Refund amount

paymentState N2 no Payment state

Element consist of:bankInfo

bankName AN..200 no Name of issuing bank

bankCountryCode AN..4 no Code of issuing bank country

bankCountryName AN..160 no Country of issuing bank in language specified in language parameter or in user language if language parameteris empty

The orderStatus field may have the following values:







5 Authorization through the issuer's ACS initiated.



Value Description

0 No system error

1 Expected [orderId] or [orderNumber]

5 Access denied


6 Order not found

7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:getOrderStatusExtended> <order orderId="942e8534-ac73-4e3c-96c6-f6cc448018f7"language="en"> <!-Optional:-> <merchantOrderNumber> </merchantOrderNumber> </order> </mer:getOrderStatusExtended> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:getOrderStatusExtendedResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return orderNumber="0s7a84sPe49Hdsddd0134567a0" orderStatus="2" actionCode="0" actionCodeDescription="Request processed successfully" amount="33000" currency="810" date="2013-11-13T16:51:02.785+04:00" orderDescription=" " errorCode="0" errorMessage="Success"> <attributes name="mdOrder"value="942e8534-ac73-4e3c-96c6-f6cc448018f7"/> <cardAuthInfo maskedPan="411111**1111" expiration="201512"cardholderName="Ivan" approvalCode="123456"/> <authDateTime>2013-11-13T16:51:02.898+04:00</authDateTime> <terminalId>111113</terminalId> <authRefNum>111111111111</authRefNum> <paymentAmountInfo paymentState="DEPOSITED" approvedAmount="33000" depositedAmount="33000" refundedAmount="0"/> <bankInfo bankName="TEST CARD" bankCountryCode="RU"bankCountryName="Russian Federation"/> </return> </ns1:getOrderStatusExtendedResponse> </soap:Body> </soap:Envelope>

4.1.5. Order reversal request

To reverse an order use the request. This functionflity is available for a limited period, that is specified by the Bank.reverseOrder

The reversal operation may be performed only once. If the reversal request caused an error, the next try will not be successful.

The reversal operation is available for merchants only under agreement with the Bank. To perform the reversal request a user must have anappropriate permission.

Request parameters:



language A2 no Language according to ISO 639-1. If not specified, the system uses the default language from the merchant's settings. Errormessage will be stated in this language.



errorCode N3 no Code of the error that occurred during reversal.



Value Description

0 No system error

5 Access denied



6 No such order

7 Reversal is impossible for current transaction state

7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:reverseOrder> <order language="en"orderId="f88a2bbf-2021-4ccc-8783-8a13068a89f9"> <!–Zero or more repetitions:--> <params name=" " value=" "/> </order> </mer:reverseOrder> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:reverseOrderResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return errorCode="7" errorMessage="Reversal is impossible forcurrent transaction state"/> </ns1:reverseOrderResponse> </soap:Body> </soap:Envelope>

4.1.6. Refund request

Use request to refund deposited money.refundOrder

This request returns money paid for the order back to the client. Request causes an error if the client is not charged. The payment gate allowsmultiple refunds, but their total amount cannot exceed the amount that was diposited from the client's account as a result of the order.

A user must have a corresponding permission in the system to perform this operation.

Request parameters:


orderId ANS36 yes Order number in the payment gate. It is unique within the gate.

refundAmount N..5 yes Refund amount in the order currency. May be less or equal to the current charged amount (which is lowered byprevious refunds).

language A2 no Language according to ISO 639-1. If not specified, the system uses the default language from the merchant's settings.Error messages will be stated in this language.






Value Description

0 No system error

5 Access denied



5 Amount is invalad

6 No such order

7 Refund is impossible for current transaction state

7 Refund amount exceeds deposited amount

7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:refundOrder> <order language=" "orderId="4302d369-a5e8-4432-a5e5-42acfab52c86" refundAmount="20000">  <params name=" " value=" "/> </order> </mer:refundOrder> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:refundOrderResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return errorCode="7" errorMessage="Refund amount exceedsdeposited amount"/> </ns1:refundOrderResponse> </soap:Body> </soap:Envelope>

4.2. Two-phase payment requests

4.2.1. Order preauthorization request

Order preauthorization request is called . It is used for registering an order with preauthorization. registerOrderPreAuth

Request parameters:


merchantOrderNumber AN..32 yes Number (identifier) of the order in the merchant system. It is unique within the system



currency N3 no Code of the payment currency (according to ISO 4217). If it is not specified in the request, the default value isused - 810, russian rubles.

language A2 no Code of the language (according to ISO 639-1) that the payment page should be displayed in. If it is notspecified, the system uses the default language from the merchant settings.


DESKTOP – to upload pages designed for displaying on PC monitors (pages with names payment_<lo and from archive of payment interface pages);cale>.html ocale>.htmlerrors_<l

MOBILE – to upload pages designed for displaying on mobile devices (pages with names mobile_pay and from archive of payment interfacement_<locale>.html ocale>.htmlmobile_errors_<l

pages);If the merchant has pages with names formed by adding of some prefix to the template part of the pagename, then you can specify necessary prefix in the parameter in order to redirect client topageViewthe corresponding page. For example, if = then pages with names pageView iphone iphone_paymen

and will be used.t_<locale>.html iphone_error_<locale>.html

Where:





If the request contains , the parameter the is ignoredexpirationDate parameter sessionTimeoutSecs .

bindingId AN..255 no Identificator of the binding, that was created earlier. May be used only if the merchant has permission to workwith bindings. If this parameter is sent in the request, that means:

1. This order may be payed only by binding;

2. The payer will be redirected to a payment page, where entering of CVC only is required.

expirationDate ANS no Date and time of termination of order life. Format: .yyyy-MM-dd'T'HH:mm:ss

If this parameter is not specified, the sessionTimeoutSecs parameter is used to determine date and timeof termination of order life.

returnUrl AN..512 yes Web address that the client should be redirected after successful payment. Absolute link must be specified.


params no An additional tag with the attributes for passing additional parameters of the merchant.

Fields of additional informaiton to be stored. To send N parameters, the request must contain N tagsparams, where the attribute contains parameter name and attribute contains parameter value:name value


name AN..20 yes Name of the additional parameter

value AN..1024 yes Value of the additional parameter



If notification of the client is switched on for the merchant, this tag should contain parameter with name emai which value is client's email.l

clientId AN..255 no Number of the client (identifier) in the merchant system. It is used to realise binding functionality. The requestmay contain this parameter only if the merchant is allowed to use bindings.







orderId ANS36 no Order number in the payment gate. It is unique within the gate. Absent if order registration failed (error is described bythe parameter).errorCode

formUrl AN..512 no URL of the payment form that the client's browser should be redirected to. Absent if order registration failed (error isdescribed by the parameter).errorCode

errorCode N3 no Code of the error that occurred during registration of the order.

errorMessage AN..512 no Description of the error in the language specified in the parameter of the request.language


Value Description

0 No system error

1 Order number is invalid

1 Order with this number is already registered in the system

3 Unknown currency

4 Empty emount

4 Empty return URL



5 Access denied


5 Pre-authorization payment is restricted

7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:registerOrderPreAuth> <order merchantOrderNumber="asuaakdfadsfasdfasdd5" description="" amount="10000" currency=" " language="ru" pageView="MOBILE"sessionTimeoutSecs=" " bindingId=" " expirationDate="2014-09-08T14:14:14"> <returnUrl>https://web.rbsuat.com/ab/finish.html</returnUrl> <params name="param1" value="paramValue1"/> <params name="param2" value="paramValue2"/> <clientId>7777</clientId> </order> </mer:registerOrderPreAuth> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:registerOrderPreAuthResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return orderId="5e5dc6bd-dee3-4c96-849a-09f3f575f4b6"errorCode="0" errorMessage="Success"> <formUrl>https://web.rbsuat.com/ab/mobile_payment_ru.html?mdOrder=5e5dc6bd-dee3-4c96-849a-09f3f575f4b6 </formUrl> </return> </ns1:registerOrderPreAuthResponse> </soap:Body> </soap:Envelope>


For payment use request. paymentOrder

The payment gate allows merchant to use both internal and external MPI.



pan Full card number Luna validation (checking if the card number is real), the number of digits in the card number - from13 to 20

cvc CVC code 3 digits

year, month Year, month of cardexpiry

The date in present or future. It the card expiry is a current month, the payment is possible untis theend of the month

cardholderName Cardholder name Is not verified

4.2.2.1. Internal MPI.

Request parameters:




cvc N..3 yes CVC








* Fields of additional informaiton to be stored. These filds may be transferred to a bank processing in order to display them in registers.**

This functionality may be enabled under the agreement with the bank during the integration. To send N parameters, the request must contain N p tags, where the attribute contains the name and attribute contains the value:arams name value


name AN..20 yes Name of the parameteradditional

value AN..1024 yes Value of the parameteradditional

** Fields and its are sent to the bank processing by default (not more than 99 simbols, the following simbols areorderNumber descriptionforbidden to use - %, +, \r, \n)







redirect AN..512 no Address for redirect




Value Description

0 No system error

5 Access denied




7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header> <soapenv:Body> <mer:paymentOrder> <order orderId="09808814-eb60-4cea-86bb-ed849dbe7ae9" year="2015"month="12" pan="4111111111111111" cvc="123" cardholderName="A Moriarty"language="ru" ip="?"> <!-Zero or more repetitions:-> <params name="name" value="value"/> </order> </mer:paymentOrder> </soapenv:Body> </soapenv:Envelope>


<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:paymentOrderResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return info="Your order is proceeded, redirecting..."redirect="www.ya.ru?MDORDER=6d295b5b-84c3-44cd-adea-c0eaca122465&ANSWER=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22UTF-8%22%3F%3E%0A%3CPSApiResult+primaryRC%3D%220%22+secondaryRC%3D%220%22%2F%3E&STATE=payment_deposited&ACTION_CODE=0&AUTH_CODE=2" errorCode="0"/> </ns1:paymentOrderResponse> </soap:Body></soap:Envelope>


<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:paymentOrderResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return errorCode="0" info="Your order is proceeded,redirecting..." redirect="https://web.rbsuat.com:443/ab/rest/finish3ds.do"acsUrl="https://web.rbsuat.com/acs/auth/start.do"paReq="eJxVUk1zgjAQ/SsM95KEr1pnjUOLnXqgYxUvvVHYAVQ+DFDUX99EUeshM/t2N2/3vQSmh2Kn/aJo8qqc6MyguoZlXCV5mU70dfj+NNKnHMJMIPorjDuBHAJsmihFLU8metGkBtM5LLwl7jkMTFwSGSaQK5RXRJxFZcshivev809uWzazHCADhALF3OfMtGzHfR4BuWAoowJ5iE27yqoayBlCXHVlK47ctS0gVwCd2PGsbesxIX3fG2lVpTs04qoAokpA7jssOhU1kuqQJzzwvf5yZqdPf0uDcHsM/C8WnNIJENUBSdQiNykzGaWOxujYpmNqAznnISrUDtx1XUqloguCWg3xHkr/UyC9FNLqq4wrAjzUVYmyQ/p3iyHBJr4ZodWDALmBygO5K3r7UB7HrXRvnXxvhdufxGKUdH34kiUb15mZ3k+3WSrnz01qXi79Yw67DFQAiKIhw6OS4cFl9PAR/gAOWr9V"/> </ns1:paymentOrderResponse> </soap:Body> </soap:Envelope>


For redirection to ACS the merchant, for its part, must redirect a client to the adress specified in the parameter with the body of theacsUrlrequest:

MD=mdorder&PaReq=pareq&TermUrl=redirect,

Where:

mdorder - unique order number in the payment gate system,pareq - a parameter from the response to the payment request,redirect - a parameter from the response to the payment request (address of the redirect to ACS).

The request must be in POST format.


4.2.2.1.1. Return to payment gate from ACS. Classical scheme



In this scheme issuing bank ACS executes authentication of the cardholder and redirects him to the merchant. from ACS is sent to thePAResmerchant. Then the merchant transfers it to the payment gate by the method.finish3DS

Description of is represented below: finish3DS

Request parameters:


md AN..30 yes Order number received after order registration




returnUrl AN..512 no URL of the payment form, where the client's browser to be redirected.



If and – the payment was executed successfully. For other cases see errorCode=0 info="Your order is proceeded, redirecting" e.rrorMessage


Value Description

0 No system error.

5 Access denied



7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:finishThreeDs> <request language="ru" md="8b5b7ee5-eb5a-4cf4-81ec-7153f7ca2864"paRes="eJzFV2mzokoS/Ssd/T4at1kEkRe0EcW+WCCLgH5jBwVRWfXXD2r37ft6eiZ6ZuLFEGFYnKjMypOZp4pinPyaJLydRN01WTEwaZogSz4V8dfPi/k8JKg5+kahYfBGYPjyLcRD+i2g8GWEzRdBvEA/r5gNsJLmZZAuyZBOF28EkU4GwWQaYAk6vS5CFMXxJUlGk0GfXJuiPq2wL+gXnEG+v05rX6M8OLUrJogurKKvCJxaoCiDfHtlquSq8CuKQV4DBvlhsekeo2ZiMBbxCvJgeP0EVOeFucFnI7xnN3iAXxnkMYOJgzZZ4ShGojRKf8KwPwn8T2zJIE+cOT/cgaruJt8kSVJLmkE+YsyUrWtyim6rBTFnkPc3JhnP9SmZZkzE3scM8iO8c3BaoR8ebHom3xPKOP6KaYvql2E9caZpg7ZrVjsG+TZioqDvVwAAlp3HxN6y2ESR/LwE35+J7nMKk0TFCiWnoKb/pxUos/patHn1CPWvAIM8QkGehV0xdpGdpsWuyaexKk/N1895257/RJBhGL4M8y/1NUPwiQiC0sg0IW6K7I/PL6skVk5p/R+ZccGpPhVRUBb3oJ26AiZtXsef3mP7lRvHenjCEEvg3iZXbxFGnN4eCDrHyMkn8munH5j9zio/B3ttgrcmD7DHAj85WjFWkiaPjkg+bS3l6+c/flMZfJElTfvfRPM9ko8evvtzg7JLVuNlPjOtnlVwfrbnbntQ7I+7AtOSQfn63e41k0Hew//G7VXIDwl7TfT1ejePNAdVXfkIMMqH7mYGy9QkoRea8wW61M+L1ElSyOUdhpU05W4jqZPbaGjuylHf5GicEpcYW/MiskkxU96WNYClI6CaFt1TqSuhcc55kyRpTwjnO1gISSgKYVaLqhTPhO5uRL2qXdYQva6F5f46nkA+HrDRxjxiUft+3Sv7NVaLy68fivSNpZbcXqz8SWx80AavEZdc2yKdumXaB6CicLXDcSC7ZGBQWJApKticRPue7IpZGUKASpx9kWwlnPOmwLLmFkABjNwdqGymuyzYOaB0HWiBgc92vGuamjDE/M5X870k3qE5DNwLXwuDbtquOQoO2LxsocPJ7DnmsFuI0yhkCZ+fMgN5OOgHgML7doRiPWHKE4P3d2wweWENwVEC2FZgc8i5LhwFHhgvv7XDonoeVeJx58OR54H2whsHYKzq8oIFwfJpC0aoRFKJrn21D+fmkO2XA2/uVK3eK3kf6eDJGUzUUAAVSQW1xAJNouIiuPJmhlHbQ9WrQSOL9sHLN3FII/TZ3/ce0LqIHi6XAz8/9dvFMOvUdqeIF53ofW52OFLJkXBF6tAfeXFuoWh6ksvFYLhdejdLEVAz0z97DpSacHG7DbkPBzeMjGWHEZHkIuOMdJPh6GRX1wov+9LwlSopS733sLRRSbmw3VReJrcSZJAFQDpkgfLkJptTLSzUYNmdIOrH+TynTYyV0qKmulHTE7zcxZjcqVAGj/zEymCdoZSAfze33tpH8zBV02wGznzWWhIG1d3eBRMC4plnLoeyiYu3nWfl0V2AcErkEx8hvxXKLbSEgR+etrww5EPgm21U0X2s/NyPwzMuYTBFCCZu6T/VS3zVSwBKst+3vnkpWQ0lAjwrKulYI8Ea33nQynKUuDna7DBQxlFFtl4MsIxabtUjiVwdlcZJii5q8tpUa9l3Z50XLbzrQhENAqRjYfYzyUM20FyeO4Kul0lP35x+F9TN0t8Q93hrEFbjswN93VmdvSGMHm8NTdvUlaGug9Amp+4rubo7UhSBjI4wifdnZf5Sqqf7Q6rFD6lOXS4hSiIPLf3/lKrO7+469lepfsOGzeF/kurmweubVKWnVD09n6SY/swXTHynbtMBz7GFObkxeXs5HDtxKxLHICgCez2zyIUbHO9YN508O/GCCLWv3tf2gII28JZYIndcfkuWlJ/x0sbvgMDVoWZh55o6VFVP6Vh1qcsxXrctqElNuXp0YuiLGTKb20SrHDvtepkt3LVzG22yrSh5wuaunBlBt7vswRBzoy1elE48NN0hb2a+P/YD29VkMyg8MAFbE1Lx5MY+Ocd8Znosa9uJgYBzHyPKblPnIJMxJRZs/YxoPDs88iXbUAgc9pSxzl6niXSrm9aJuBhUYx/89uzJsUUVgSicBeVv2jptjjN5ctw280rpz9590uYjLgsKrAMmbjLyq/6c6sUCrvVZtG9LdGZut70slfUyu3DD4ZAP/Poc4K7VlEHXaFK7JLxyU/ioI+PsZayQe7W5sQf91PmeJFcmoWVidQlQOxExkG6Q3Rx4iaCChVonB3J5ktD8uuAiIxyv3GwA0NrwSrmWjRmJmbfDWRdpmZsd8UU4boPzvsFdD8HP0WZBVa0p3/xiZ/6eTFnyIVOX+y7T7fZ61zjaUqieygI1dehY48wt5w/75le7198jmZdksWm/HeEBEJNEb/ApWQF/Ys47Ngi8YHzbaR8+RPdYOqYDf/N03F76/MDVtAphvNHB0FTyItyYRRUM4amouLm9GNtzFkb8/hanqHK7pTdIC2l3GncU7WEIV2eeye1Do2yI4JCxjXZc70o5Lo1aUo+EROxbMVibdyMcJHLcgNCi7rsk2MeVpQWUVuKqOrZ6ZZDO7OaPSMu3i5zTT+s8a0aaGCipQFhRMQr/++n4yO2Pk0VgkcHkIAD/8mSBd7RPp6ovAtea407QOq4jqKejJ1b5FVPNppD3FiFnKXaXziiYB3mejm2na5q0pQrphEVwvNcnhRaoI8nZ2tq1D0VpuMt83h3PzgzX8hbvacINCxbZnLPM8DrRh2CnD2k6coG4KQ+zPdbJTlljBrsVGyXa5bgx6woxZzfa2WvndjXG8sL81cmC/PgeRN6/EX98PT6vnc9L8uOe9PHy/A9JE/bD"/> </mer:finishThreeDs> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:finishThreeDsResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return errorMessage="" errorCode="0"returnUrl="http://ya.ru?orderId=8b5b7ee5-eb5a-4cf4-81ec-7153f7ca2864"/> </ns1:finishThreeDsResponse> </soap:Body> </soap:Envelope>

4.2.2.2. External MPI.

Request parameters:


orderId ANS36 yes Order number received after order registration


cvc N..3 yes CVC






email ANS..* no Email adress of the payer. If the merchant intends to send notifications about operations with the order to the payer,this parameter should be specified.


In case of external MPI using, RBS expects that payment request contains parameter. If this parametereach "eci"value differs from the values used for SSL-authorizations, it is also to send and " parameternecessary "xid" cavv"s.

* Fields of additional informaiton to be stored. These filds may be transferred to a bank processing in order to display them in registers. **

** This functionality may be enabled under the agreement with the bank during the integration. To send N parameters, the request must contain N tags, where the attribute contains the name and attribute contains the value.params name value

If the external MPI is used and if there is an appropriate RBS permission to use it, then the purpose of the additional parameters list also includessroring and sending to SmartVista of , , parameters.cavv xid eci


name AN..20 yes Additional parameter name

value AN..1024 yes Additional parameter value



errorCode N..1 yes Code of the error that occurred during registration of the order.

errorMessage AN..512 no Description of the error in the language specified in the Language parameter of the request.



If = 0 and = "Your order is proceeded, redirecting" - the payment was executed successfully. For other cases see errorMessage.errorCode info


Value Description

0 No system error

5 Access denied




7 System error

Example request:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header> <soapenv:Body> <mer:paymentOrder> <order orderId="f0c87e00-7b26-4573-942f-3d40596a6d43" year="2015" month="12" pan="4111111111111111" cvc="123" cardholderName="A Moriarty" language="ru" ip="?"> <!-Zero or more repetitions:-> <params name="xid" value="MDAwMDAwMDEzMzkyMjg5ODExNTc="/> <params name="eci" value="05"/> <params name="cavv" value="AAABCpEChRM5IomAKFAAAAAAAAA="/> </order> </mer:paymentOrder> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:paymentOrderResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return errorCode="0" info="Your order is proceeded,redirecting..."/> </ns1:paymentOrderResponse> </soap:Body> </soap:Envelope>

4.2.3. Request for preauthorized order completion

To deposit payment for a preauthorized order use the request. This request is not available by default.depositOrder

Request parameters:



depositAmount N..5 yes Deposit amount in the order currency. Can be less or equal to the preauthorized amount. Cannot be less than 1standard currency unit (e.g. 1 euro, currency used depends on the system configuration).

language A2 no Language according to ISO 639-1. If not specified, the system uses the default language from the merchant's settings. Error message will be returned in this language.



errorCode N3 no Code of the error that occurred during deposit.

errorMessage AN..512 no Description of the error in the language specified by the Language parameter of the request.

If you specify zero in parameter, completion occurs for the entire pre-authorized amount.Attention!!! amount


Value Description

0 No system error

5 deposited amount is exceeding approved amount

5 deposit amount must be at least 1 ruble or equal to zero

5 Access denied


6 No such order


7 Payment must be in approved state

7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:depositOrder> <order language="ru"orderId="4302d369-a5e8-4432-a5e5-42acfab52c86" depositAmount="30000"> <!-Zero or more repetitions:-> <params name="?" value="?"/> </order> </mer:depositOrder> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:depositOrderResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return errorCode="6" errorMessage="No such order"/> </ns1:depositOrderResponse> </soap:Body> </soap:Envelope>

4.2.4. Order status request

To inquire state of a registered order, use the request.getOrderStatus

The order status must be determined by the value of parameter.orderStatus field is deprecated.authCode

Request parameters:


orderId ANS36 yes Order identifier in the payment gate. Unique within the gate.

language A2 no Language according to ISO 639-1. If not specified, the system uses the default language from the merchant's settings. Errormessages, if any, will be returned in this language.



orderStatus N2 no This paramater shows order status in the payment gate. Possible values are listed in the table below.Parameter is absent if no order with the specified ID was found.




pan N..19 no Masked number of the card that was used for payment. Specified only for paid orders.




currency N3 no Code of the payment's currency (according to ISO 4217).


authCode N3 no This parameter is deprecated. Its value is always "2", regardless of the order status and processing system.authorization code

ip AN..20 no IP address of the computer that the order initiated on.

date ANS yes Date of order registration

orderDesctiption AN..512 yes Order description that was sent during registration

actionCodeDesctiption AN..512 yes Description of action code the language specified in the field of the request.Language

clientId AN..255 no Number of the client (identifier) in the merchant's system. Transferred, when order is registred. Present only ifcreation of ligaments is allowed for merchant.

bindingId AN..255 no Identificator of the ligament created while paying an order or used to pay for. Present only if creation ofligaments is allowed for merchant.

The orderStatus field may have the following statuses:










Value Description

0 No system error.

1 Order with this number is already registered in the system.

2 Payment is declined


5 Access denied


6 Unknown order id

7 System error

:Request example

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:getOrderStatus> <order orderId="b1221b79-5703-42c9-a4b1-ed0d0f36493e"language="en"/> </mer:getOrderStatus> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:getOrderStatusResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return orderStatus="2" errorCode="0"orderNumber="456789012345678" pan="411111**1111" expiration="201512"cardholderName="Ivan" amount="15000" currency="810" approvalCode="123456"authCode="2" ip="212.5.125.194" date="2013-09-03T16:48:52.459+04:00"orderDescription=" " actionCodeDescription="Request processed successfully"clientId="666" bindingId="df0b1801-a754-4576-b174-c2485d98bc9b"/> </ns1:getOrderStatusResponse> </soap:Body> </soap:Envelope>

4.2.5. Extended order status request

To inquire about state of a registered order, use the request. getOrderStatusExtended

Request parameters:


orderId ANS36 yes* Order identifier in the payment gate. Unique within the gate.

merchantOrderNumber AN..32 yes* Order number (identifier) in the merchant'system

language A2 no Language according to ISO 639-1. If not specified, the system uses the default language from the merchant'ssettings. Error messages, if any, will be returned in this language.

* It is necessary to specify whether or in the request. If the request contains both parameters, is aorderId merchantOrderNumber orderIdpriority. There are 3 sets of response parameters. These sets depend on getOrderStatusExtended version, specified in merchant settings.

Response parameters for versions 01, 02,03:The following parameters are returned regardless version.gerOrderStatusExtended



orderStatus N2 no State of the order in the payment gate. The value is selected from the list below. Absent if no order with thespecified ID was found.


actionCodeDescription AN..512 yes Action code description on the language passed in the parameter Language"




currency N3 no Code of the payment's currency (according to ISO 4217).If not specified, assumed to be 810 (Russianrubles).



ip AN..20 yes IP address of the computer that the order initiated on.

is present in the reponse if the order contains merchant additional parameters. Each additional parameter is described inElement merchantOrderParamsseparate element by the following fields: merchantOrderParams



Element – the structure includes element and the following attributes:cardAuthInfo secureAuthInfo

maskedPan N..19 no Masked number of the card that was used for payment. Specified only for paid orders.



approvalCode AN6 no IPS authorization code.Specified only for paid orders. The field has fixed length of six characters, it cancontain both numbers and letters.

(includes element and element with parameters and ):Element secureAuthInfo eci threeDSInfo cavv xid

eci N..4 no Electronic Commerce Indicator. Set just after the payment order in the case of a permit

cavv ANS..200 no Cardholder Authentication Verification Value. Set just after the payment order in the case of a permit.


consits of the following fields:Element bindingInfo

clientId AN..255 no Client number (ID) in the shop system, transferred during the order registration. Presents only if a shop isallowed to create bindings.

bindingId AN..255 no Binding identifier created during order payment or used for payment. Presents only if a shop is allowed tocreate bindings.








consists of the following parameters:Element paymentAmountInfo


depositedAmount N..20 no Amount confirmed for deposit



Element consist of:bankInfo




The orderStatus field may have the following values:







5 Authorization through the issuer's ACS initiated.



Value Description

0 No system error

1 Expected [orderId] or [orderNumber]

5 Access denied


6 Order not found

7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:getOrderStatusExtended> <order orderId="942e8534-ac73-4e3c-96c6-f6cc448018f7"language="en"> <!-Optional:-> <merchantOrderNumber> </merchantOrderNumber> </order> </mer:getOrderStatusExtended> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:getOrderStatusExtendedResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return orderNumber="0s7a84sPe49Hdsddd0134567a0" orderStatus="2" actionCode="0" actionCodeDescription="Request processed successfully" amount="33000" currency="810" date="2013-11-13T16:51:02.785+04:00" orderDescription=" " errorCode="0" errorMessage="Success"> <attributes name="mdOrder"value="942e8534-ac73-4e3c-96c6-f6cc448018f7"/> <cardAuthInfo maskedPan="411111**1111" expiration="201512"cardholderName="Ivan" approvalCode="123456"/> <authDateTime>2013-11-13T16:51:02.898+04:00</authDateTime> <terminalId>111113</terminalId> <authRefNum>111111111111</authRefNum> <paymentAmountInfo paymentState="DEPOSITED" approvedAmount="33000" depositedAmount="33000" refundedAmount="0"/> <bankInfo bankName="TEST CARD" bankCountryCode="RU"bankCountryName="Russian Federation"/> </return> </ns1:getOrderStatusExtendedResponse> </soap:Body> </soap:Envelope>


To reverse an order use the request. This functionflity is available for a limited period, that is specified by the Bank.reverseOrder



Request parameters:



language A2 no Language according to ISO 639-1. If not specified, the system uses the default language from the merchant's settings. Errormessage will be stated in this language.



errorCode N3 no Code of the error that occurred during reversal.



Value Description

0 No system error

5 Access denied



6 No such order

7 Reversal is impossible for current transaction state

7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:reverseOrder> <order language="en"orderId="f88a2bbf-2021-4ccc-8783-8a13068a89f9"> <!–Zero or more repetitions:--> <params name=" " value=" "/> </order> </mer:reverseOrder> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:reverseOrderResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return errorCode="7" errorMessage="Reversal is impossible forcurrent transaction state"/> </ns1:reverseOrderResponse> </soap:Body> </soap:Envelope>

4.2.7. Refund request

Use request to refund deposited money.refundOrder


multiple refunds, but their total amount cannot exceed the amount that was diposited from the client's account as a result of the order.


Request parameters:


orderId ANS36 yes Order number in the payment gate. It is unique within the gate.

refundAmount N..5 yes Refund amount in the order currency. May be less or equal to the current charged amount (which is lowered byprevious refunds).

language A2 no Language according to ISO 639-1. If not specified, the system uses the default language from the merchant's settings.Error messages will be stated in this language.






Value Description

0 No system error

5 Access denied



5 Amount is invalad

6 No such order

7 Refund is impossible for current transaction state

7 Refund amount exceeds deposited amount

7 System error

Request example:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"xmlns:mer="http://engine.paymentgate.ru/webservices/merchant"> <soapenv:Header/> <soapenv:Body> <mer:refundOrder> <order language=" "orderId="4302d369-a5e8-4432-a5e5-42acfab52c86" refundAmount="20000">  <params name=" " value=" "/> </order> </mer:refundOrder> </soapenv:Body> </soapenv:Envelope>

Response example:

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns1:refundOrderResponsexmlns:ns1="http://engine.paymentgate.ru/webservices/merchant"> <return errorCode="7" errorMessage="Refund amount exceedsdeposited amount"/> </ns1:refundOrderResponse> </soap:Body> </soap:Envelope>

5. REST interfaceInteractions are implemented as HTTP requests with GET or POST methods to certain URLs, separate for each individual request type(see "Address data for connections" section for exact addresses). Parameters of interactions are sent as parameters of GET or POST requests;values should be URL encoded.

Result of processing the request returns as a JSON object. Example:

{"errorCode":"12","errorMessage":"Empty amount"}

For authorization purposes each request should include login and password of the merchant that were produced during its registration. Login andpassword values are sent as the following parameters:


userName AN..30 yes Login of a user received during registration.

password AN..30 yes Password of a user received during registration.

Requests for one- and two-phase schemes may differ. Requests for each scheme are described below.

Requests for one- and two-phase schemes may differ. Requests for each scheme are described below.

In design of the pages (payment page, the error page) you have to use Unicode (UTF-8).

Special characters in REST requests must be screened in accordance with the URL-code. The table of characters is represented here - http://web. For example, password "qwe?rt%y" should be transferred as "qwe%0Frt%25y".-developer.name/urlcode/

If the Error code = 0, the request was processed by the Payment gate without system errors (error code does not show the status of the order).

To get the status of an order should use the request or .getOrderStatus getOrderStatusExtended

5.1. One-phase payment requests

5.1.1. Order registration request

To register an order in the payment gate use request (see "Address data for connections" section). register.do

Request parameters:


userName AN..30 yes Merchant's login received during registration.

password AN..30 yes Merchant's password received during registration.

orderNumber AN..32 yes Number (identifier) of the order in the merchant's system.


currency N3 yes Code of the payment currency, according to ISO 4217.

returnUrl AN..512 yes Web address that the client should be redirected to after successful payment. Absolute link must be specified.



language A2 no Language according to ISO 639-1. If not specified, the system uses the default language from the merchant'ssettings.


DESKTOP – to upload pages designed for displaying on PC monitors (pages with names payment_<loc and from archive of payment interface pages);ale>.html ocale>.htmlerrors_<l

MOBILE – to upload pages designed for displaying on mobile devices (pages with names mobile_paym and from archive of payment interfaceent_<locale>.html ocale>.htmlmobile_errors_<l

pages);If the merchant has pages with names formed by adding of some prefix to the template part of the pagename, then you can specify necessary prefix in the parameter in order to redirect client to thepageViewcorresponding page. For example, if = then pages with names pageView iphone iphone_payment_<l

and will be used.ocale>.html iphone_error_<locale>.html

Where:



clientId AN..255 no Client number (ID) in the shop system. It is used for bundles functionality implementation. Presents only if ashop is allowed to create links.


http://web-developer.name/urlcode/

http://web-developer.name/urlcode/

jsonParams AN..1024 no Block for sending of merchant additional parameters. Fields of additional information for storage, should besent as:

{"<name1>":"<value1>",...,"<nameN>":"<valueN>"},



If notification of the client is switched on for the merchant, this block should contain parameter with name emai which value is a client's email.l



If the request contains , the parameter is ignoredexpirationDate parameter sessionTimeoutSecs .

expirationDate ANS no Date and time of termination of order life. Format: .yyyy-MM-ddTHH:mm:ss

If this parameter is not specified, the sessionTimeoutSecs parameter is used to determine date and time oftermination of order life.

bindingId AN..255 no Identificator of the binding, that was created earlier. May be used only if the merchant has permission to workwith bindings. If this parameter is sent in the request, that means: 1. This order may be payed only by binding; 2. The payer will be redirected to a payment page, where entering of CVC only is required.






orderId ANS36 no Order number in the payment gate. Unique within the gate. Absent if order registration failed (error is described in err).orCode

formUrl AN..512 no URL of the payment form that the client should be redirectd to. Absent if order registration failed (error is described in e).rrorCode

errorCode N3 no Code of the error that occurres during registration.

errorMessage AN..512 no Description of the error in the language sent in the parameter of the request.language

Error codes (values of the field)errorCodeErrors classification:

Value Description

0 No system error.

1 Order number is duplicated, order with given order number is processed already

3 Unknown currency

4 Mandatory request parameter was not specified

5 Erroneous value of a request parameter.

7 System error.

Possible error messages:

Value Description

0 No system error

1 Order with this number was already processed.

1 Order with this number was registered, but was not paid off.

1 Invalid orderNumber

3 Unknown currency.


4 Empty merchant user name

4 Empty amount

4 Return URL cannot be empty

4 Password cannot be empty


5 Access denied


5 Invalid [jsonParams]

7 System error

GET Request example:

https://web.rbsuat.com/ab/rest/register.do?amount=100&currency=810&language=ru&orderNumber=87654321&password=password&returnUrl=https://web.rbsuat.com/ab/finish.html&userName=userName&jsonParams={"orderNumber":1234567890}&pageView=MOBIL&expirationDate=2014-09-08T14:14:14&merchantLogin=merch_child

POST Request example:

amount=100&currency=810&language=ru&orderNumber=87654321&returnUrl=https://web.rbsuat.com/ab/finish.html&jsonParams={"orderNumber":1234567890}&pageView=MOBIL&expirationDate=2014-09-08T14:14:14&merchantLogin=merch_child

Response example:

{"orderId":"70906e55-7114-41d6-8332-4609dc6590f4","formUrl":"https://web.rbsuat.com/ab/merchants/test/mobile_payment_ru.html?mdOrder=70906e55-7114-41d6-8332-4609dc6590f4"}




PAN Full card number Luna validation (checking if the card number is real), the number of digits in the card number - from 13 to20

CVC CVC code 3 digits

YYYY,MM

Year, month of cardexpiry

The date in present or future. It the card expiry is a current month, the payment is possible untis the endof the month

TEXT Cardholder name Is not verified

5.1.2.1. Internal MPI

Use method for payment request.paymentorder.do

Only POST request is supported.

Request parameters:


userName AN..30 yes Merchant login received after merchant registration

password AN..30 yes Merchant password received after merchant registration

MDORDER ANS36 yes Order number received after order registration

$PAN N..20 yes Card number

$CVC N..3 yes CVC

YYYY N..4 yes Expiry year

MM N..2 yes Expiry month

TEXT A..512 yes Cardholder name




bindingNotNeeded boolean no Possible values:

true – turns off the creation of binding after successful payment (client identifier, sent with orderregistration request, will be deleted from order details after the payment);false – successful payment may result binding creation ( ). This value is a under the appropriate conditionsdefault value.

jsonParams AN..1024 no Fields of additional information for storage, the type is . These{"param":"value","param2":"value2"}fields may be transferred to the bank processing for their representation in registers.

Fields and its are sent to the bank processing by default (not more than 99orderNumber descriptionsimbols, the following simbols are forbidden to use - %, +, \r, \n).





error AN..512 no Description of the error in the language specified in the Language field of the request.



redirect AN..512 no Address for return after the payment

termUrl AN..512 no Is not used in payments, that does not require additional authentication on Issuing bank ACS.




Name Type

0 No system error

5 There are no payment attempts any more

5 System or intenal error

Request example:

MDORDER=0d4b02cb-5147-4232-9012-4d38c743ahr6& $PAN=5555555555555599&$CVC=123&YYYY=2015&MM=12&TEXT=Card Holder&language=ru


{"redirect":"www.ya.ru?MDORDER=8cfb5c89-c2db-49e4-80c5-a0569c897cbf&ANSWER=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22UTF-8%22%3F%3E%0A%3CPSApiResult+primaryRC%3D%220%22+secondaryRC%3D%220%22%2F%3E&STATE=payment_deposited&ACTION_CODE=0&AUTH_CODE=2","info":"Your order is proceeded,redirecting...","errorCode":0}


{"info":"Your order is proceeded, redirecting...","acsUrl":"https://web.rbsuat.com/acs/auth/start.do","paReq":"eJxVUdFygjAQ/BWG9xKioNQ54tCirQ+oo/QDKNwAVYIGENuvbyJQ60Nmdu8um80ezK/FUbugqPKS\nuzo1TF1DHpdJzlNX/wiXT44+ZxBmAtHfY9wIZBBgVUUpanni6kWVGlRnsPV2eGbQKzEpZIyADFRe\nEXEW8ZpBFJ9fVmtmjaYT0wTSUyhQrHw2BdIB4FGBbI8X5Is8zep1zhHIrQhx2fBafLOJNQYyEGjE\nkWV1fZoR0ratkZZlekRDNEBUB8jdwbZRqJJK1zxhge+13Vn8bMLD9yZM7eDLs4Lw4AJRE5BENbKR\nSS3TNm2NOjPTmVnS+60OUaEsMGrKrvpQR+GkXvEee/9rILMUMurhHwMDvJ5KjnJC5veHgdxdv76r\nFONaxuSveRIvnyfeWxjsNk4QHXJaFZ/V+NIuVba3IaWYy4ioTTtJRYAoGdKvjfQrlehh1b8el7SS\n","termUrl":"https://web.rbsuat.com/:443/ab/rest/finish3ds.do","errorCode":0}


In order to redirect client to ACS, the merchant must perform redirection to the adress specified in the parameter with the body ofacsUrlthe request:

MD=mdorder&PaReq=pareq&TermUrl=termUrl,

Where:

mdorder - unique order number in the payment gate system,pareq - a parameter from the response to the payment request,termUrl - a parameter from the response to the payment request.


5.1.2.1.1. Return to payment gate from ACS



In this scheme issuing bank ACS executes authentication of the cardholder and redirects him to the merchant. from ACS is sent to thePAResmerchant. Then the merchant transfers it to the payment gate by the method.finish3DSPayment.do

Description of is represented below:finish3DSPayment.do

Request parameters:


mdOrder AN..30 yes Order number received after order registration




redirect AN..512 no URL of the payment form, where the client's browser to be redirected.



If = 0 - the payment was executed successfully. For other cases see error description.errorCode


Value Description

0 No system error.

5 Access denied



7 System error

Request example:

https://web.rbsuat.com/ab/rest/finish3dsPayment.do?mdOrder=906bf262-bd53-4ac7-983c-07127954681b&paRes=eJzFV2uTokoS%2FSsTcz8aPYCC6A3HiOKNCshT8BtCyRuUN%2Fz6RXu6p%2B9s78bsbtxYIgyLE5VJnso8%0D%0AlVUbIywhZHToNSXcbiRYVW4Av0T%2B969ZFXzDvm43R6DB6on4qwW%2Bdq%2FwhVi58AVfXvAXlySWL95l%0D%0AQULU8yD0HwYtLKuoyLfYN%2FTbfIO8vU7OSy9083q7cb07JcpbfE4uUXSD%2FHjdZLAUmS25QV4HG%2BSn%0D%0AxbF5jKopxD7ytxIDutcfOypGMigGi8mj2Mlj8n2DPGZsfLeG2zmK4SiBEl%2Bw5Z%2Fo8k9siuaJb24P%0D%0AdyArmsn3nEDRRxQfsc20HCXMvWG7xBcb5P1tA%2FtbkcOH1QZ5H2%2BQn%2BHd3HyLfniw6Zl8T%2BjGsLeb%0D%0AOso%2BDeuJb6rarZtq62yQH6ON57btFgBAUQt%2FlELlvNechTSAt2ei%2B5yygV60RYkpqOn%2FaQXSoCij%0D%0AOsweof4V2CCPUJBnYrcbPQry6WMl%2FNJnaV59%2FxrW9e1PBOm67lu3%2BFaUATKfiCDoGpkm%2BFUU%2FPH1%0D%0A1Qr6Yn4t%2FiMz2s2LPPLcNBrdeqoKCdZh4X95j%2B0zN4b28IQhGku%2FTK5ePAzPXx4IusCIySfyudMP%0D%0AzH7nK78GW1buSxW6j4JGfnG03WjwCh8VAb%2BYmvj96x%2B%2FqQwmCmBV%2FzfRvEXy0cObP8tNG7hlvTHg%0D%0AZld%2BdR0XC5bRZ0wYBGuMX0TS9ze715kb5D38H9xeE%2FlhwV4nhqxy1zVg8vNYF6J7bIQ75sC31BX1%0D%0AvfnyZIdDwMh25uRqdQpmB%2FFgIVlIKGMHfIHB%2FQYfHIkQuagyA0JJOEij%2FEj267KDx4zB6cpEayhj%0D%0A6JGjXBat9Pu51hZ3S7RqlaN3A4Pn%2BpAplzUteVK%2FNnftIfCCarw7pnsiLt3N6B2MtOSdkF%2BC7x%2BS%0D%0A9IPlHg6vrGwCXTNu7b6OaFjW0XWqlmkfkESRLgyaBsE9AJ1IgUDcgWPO6SN0oll6kQDK0%2Fqd18XL%0D%0AglFZilJNILGgp0ewowLZooBjgNQyJA10TOAwlqru2c5nHHsXnnlulNSuo1%2FxA9vJqm6pPWuA46ut%0D%0AZNACdfNpbLjM16hE4TZjsKjESJ0cA1QazV7iigkTn5g0vmOdyrAHCSQ8wEyWCiXasqSeZYDy6rcw%0D%0AKFQOvYxLHFvqGQbsX%2FHKABi1sxhWk8DqaQt6SfT4FD3Yu%2FayULvgvOoY1dnti7MYtp4MnpzBRA0F%0D%0AksjvQMFTYM%2BTfuSWjBpgpBln7c6tBE6PT%2BHRv6yR9c0%2Btyewb7x1d7%2FHzCJvzWU3a3a1I3J3GW9t%0D%0AehYnJExwiyPjNmG4hYai11xIl51iNddRTTlAzlT7djIkvrosh6ELbamzLp6yajDc4y2knxEW7BIj%0D%0AKC3tcj%2Bnii1mME3l9oRdqx0hRLp1FVZwSEEgUQDwceCKT26COuVCQxWKclhOThaLcK1iFH%2BNCrLp%0D%0A9zKcp46PCc1OEsBjfXyx024SD8G%2Fm1uYeqLGUzbVqqPVZ655tttZ5siqEsCf60yHkqDOucE5aaE3%0D%0AspI0LeQT7yXGZFNT0tiO6Z62DNuFnWurtZetW1%2F8tR67Z1xsp3ISmLhd%2Fylf3Gu%2BWCDC87m21XtK%0D%0A7VHcnQdRxicF4h7mzknSghDFB2M%2FiztSSXaIefIBFpArc5cQSGns1nOCXEcFUVbZQbCtWXPylqdy%0D%0AKXIKDq59pLYz%2FoQcJXV1a%2FB1sYLtejBaxy2qlX3ER99UcK2yqW5dOlqjH3GlndfKfn8sMmV3cC86%0D%0AMVVfShdNQpI40hvsJN5flfmpVPPxIdXop1SnKucREQpdvf5%2FSlVmnFHG%2FirVH1h3jP8nqR4fvH5I%0D%0AlX9K9SSHkxSvv%2FIFE9%2Bp2mTA0FSkTm5URl91ScOZHJ64buTqh5lGLC03GbFm6jwOd0fYwt6NB71D%0D%0AQe2eVhgUGjoc4Iq0A4Y%2F2g1g6eKy17BbQcZZ1pIylt2LtPcPdQ0KYi%2BWpzVU5OUMmS10vBaTZl%2Fe%0D%0AZ0vrYAy9TtQZKUzYwhICxW2c%2Bxl0Pt3r3F1suLhq4rCa2XbfdlRTEFUnMkAFVIHz0ZMb9eTsM4F6%0D%0AoihdhwoCbq2PiM6xCEEgYKLP6vIN2TNU91gvQZdY16DygDLO8hq%2FmrKq5fhdISs9tuvbSfA1MnI5%0D%0A9saKf9PWqdO0yhC9WS0ysb2dxkmbj7g0iaUMMHETkM%2Fqc8oXBejaptC2TtGZapqtwKfFKrjTXRyH%0D%0AHXO4uXNLq1K3qfZ8vcJP6TGyUUOYU%2Fc%2BQ8bsOFCxnDf2iRcyFd8HXHZ3UR1yGLgeEWcBTpDdgeWu%0D%0AgDGxynk0LJe0p1z6kp51QNKOjJgeBGVGYOoQ32RuLdCzZL689KZ7O1dz64TMb95xSWa1Kgx25Ki%2F%0D%0AJ1Nq9uiop%2F2bTE1pPbWOJqHtBp%2F5eXPwhjM77Bt8tQo%2B273%2BHsm8S1btJ8nisgF6%2BdldWewXrBNj%0D%0Aduob%2BJsP28rS0dEpwxd24SXzU5G1pjaUDlCnlLPt%2FV7XFB2%2BVNG7tM%2FpS2UkeKdTUd4J3HrG32v7%0D%0AeIgx2tnPdT%2FLmVpC1%2BMSdk17UOvMUwaubWoMoeZJo2p8CfXrCuHJS3XjclU9hXToTYe9DCACqpjl%0D%0APnKUgIpMkT7g0SGIjYt%2F5cANMjiXFDDDiOvcSpXVsrQKkpArgPX22WLQEsbKFQTUVTbat675WPOf%0D%0AHYelkE6lJQD%2BZceRZX%2BJHI2BnN0DWd%2Bdg%2BqCCnmEEGrEqUrSoNJhQeAXWshEyYMhvuOQYbYGGuOL%0D%0AuhK6Mm4oOrGcS6OD7KU0ETskYXSWu5SB2xP3qh1UJmKsBncxEd602JvfrYrq2LkLrd0Mk8hjnB%2FG%0D%0A7naxylHVT7rQOJ15iTUuXhZuMtic3BxPzTK7rDX0s46D%2FDwnIu9nx5%2Bnyud19Hk7ftyfPt6a%2FwFG%0D%0ADPms%0D%0A&userName=login&password=password

Response example:

{"redirect":"http://ya.ru?orderId=906bf262-bd53-4ac7-983c-07127954681b","errorCode":0}

5.1.2.2. External MPI


Request parameters:






$CVC N..3 yes CVC









jsonParams AN..1024 no Fields of additional information for storage, the type is . These{"param":"value","param2":"value2"}fields may be transferred to the bank processing for their representation in registers. * This functionality canbe switched on during the integration period at the agreement with bank.

In case of external MPI using, RBS expects that payment request contains " " parameter. If thiseach eciparameter value differs from the values used for SSL-authorizations, it is to send " " and " "necessary xid cavvparameters.

* Fields and its are sent to the bank processing by default (not more than 99 simbols, the following simbols areorderNumber descriptionforbidden to use - %, +, \r, \n)



errorCode N..1 да Code of the error that occurred during registration of the order.

error AN..512 нет Description of the error in the language specified in the Language parameter of the request.

info AN..512 нет The result of the payment attempt. Possible values are represented below:


If = 0 and = "Your order is proceeded, redirecting" - the payment was executed successfully. For other cases see erro description.errorCode info


Value Description

0 No system error

5 There are no payment attemps any more

5 System or internal error

Request example:

MDORDER=0d4b02cb-5147-4232-9012-4d38c743ahr6&$PAN=5555555555555599&$CVC=123&YYYY=2015&MM=12&TEXT=CardHolder&language=ru&jsonParams{"eci":"05","xid":"MDAwMDAwMDEzMzkyMjg5ODExNTc=","cavv":"AAABCpEChRM5IomAKFAAAAAAAAA="}

Response example:

{"info":"Your order is proceeded,redirecting...","redirect":"finish.html?orderId=00d4b02cb-5147-4232-9012-4d38c743ahr6","success":0}


To cancel payment of the order, use request. This functionflity is available for a limited period, that is specified by the Bank.reverse.do



Request parameters:





language A2 no Language according to ISO 639-1. If not specified, the system uses the default language from the merchant's settings.

Error messages returned will be written in this very language.



errorCode N3 no Error code.

errorMessage AN..512 no Description of the error.

Error codes (values of the errorCode field):

Error classification:

Value Description

0 No system error.


6 Unregistered OrderId.

7 System error.


Value Description

0 No system error

5 Access denied



6 No such order

7 Payment must be in a correct state.

7 Reversal is impossible. Reason: wrong internal values, check hold and deposited amounts.

7 System error.


https://web.rbsuat.com/ab/rest/reverse.do?language=en&orderId=80c45f2e-8db4-4d20-9324-5b784a1fd8c3&password=password&userName=userName


language=en&orderId=80c45f2e-8db4-4d20-9324-5b784a1fd8c3

Response example:

{"errorCode":"0","errorMessage":"Success"}

5.1.4. Refund request.

Use request to refund deposited money.refund.do



Request parameters:










Error codes (values of the field)errorCode

Classification:

Value Description

0 No system error.



7 System error.


Value Description

0 No system error

5 Access denied



6 No such order


7 Wrong deposit amount (less than 1 currency unit, e.g. 1 euro).

7 System error.


https://web.rbsuat.com/ab/rest/refund.do?amount=500&currency=810&language=ru&orderId=5e97e3fd-1d20-4b4b-a542-f5995f5e8208&password=password&userName=userName


amount=500&currency=810&language=ru&orderId=5e97e3fd-1d20-4b4b-a542-f5995f5e8208

Response example:

{"errorCode":0}

5.1.5. Order state request

To get the current state of a registered order send data with method (GET or POST) to the corresponding URL (seegetOrderStatus.do"Address data for connections" section).

The order status should be determined by the value of parameter.OrderStatus field is deprecated.authCode

Request parameters:









OrderStatus N2 no This paramater shows order status in the payment gate. Possible values are listed in the tablebelow. Parameter is absent if no order with the specified ID was found.

ErrorCode N3 no Error code.

ErrorMessage AN..512 no Description of the error in the language sent in the Language parameter of the request.

OrderNumber AN..32 yes Number (identifier) of the order in the merchant's system.

Pan N..19 no Masked number of the card that was used in payment. Specified only for paid orders.



Amount N..20 yes Order amount in minimal currency units (e.g. cents).

currency N3 no Code of the payment currency, according to ISO 4217.

approvalCode AN6 no IPS authorization code. The field has fixed length of six characters, it can contain both numbersand letters.

authCode N3 no This parameter is deprecated. Its value is always "2", regardless of the order status and.processing system authorization code

Ip AN..20 no IP address of the user who payed for the order.

bindingInfo (element consits ofclientId and bindingId):

clientId AN..255 no Number of the client (identifier) in the merchant's system. Used to implement a functional ofligament.May be present, if the merchant is allowed to create the ligament.

bindingId AN..255 no Identificator of the ligament created while paying an order or used to pay for. Present only ifcreation of ligaments is allowed for merchant.

The OrderStatus field may have the following values:


0 Order registered, but not paid off.




4 Transaction was refunded.



Error codes (values of the ErrorCode field):

Value Description

0 No system error

2 The order is declined because of an error in the payment credentials.

5 Access denied



6 Unknown order id

7 System error

GET request example:

https://web.rbsuat.com/ab/rest/getOrderStatus.do? language=ru&orderId=5e97e3fd-1d20-4b4b-a542-f5995f5e8208&password=password&userName=userName

POST request example:

orderId=b8d70aa7-bfb3-4f94-b7bb-aec7273e1fce&language=en

Response example:

{"expiration":"201512","cardholderName":"trtr","depositAmount":789789,"currency":"810","approvalCode":"123456","authCode":2,"clientId":"666","bindingId":"07a90a5d-cc60-4d1b-a9e6-ffd15974a74f","ErrorCode":"0","ErrorMessage":"Success","OrderStatus":2,"OrderNumber":"23asdafaf","Pan":"411111**1111","Amount":789789}

5.1.6. Extended order state request

To inquire about state of a registered order, use the request. getOrderStatusExtended.do

Request parameters




orderId ANS36 yes* Order number in the payment gate. Unique within the gate.

orderNumber AN..32 yes* Number (identifier) of the order in the merchant's system.



* It is necessary to specify whether or in the request. If the request contains both parameters, is a priority.orderId orderNumber orderId

There are 3 sets of response parameters. These sets depend on "getOrderStatusExtended version" specified in merchant settings.

Response parameters for versions 01, 02,03:The following parameters are returned regardless version.getOrderStatusExtended



orderStatus N2 no Order status in the payment gate. The value is selected from the variants listed below. Absent, if nomatching order was found.


actionCodeDescription AN..512 yes Action code description on the language passed in the parameter "Language".


errorMessage AN..512 no Description of the error in the language sent in the Language parameter of the request.


currency N3 no Code of the payment currency, according to ISO 4217. If not specified, assumed to be 810 (Russian rubles).



ip N.. yes IP address of the user who payed for the order.

is present in the reponse if the order contains merchant additional parameters. Each additional parameter is described in aElement merchantOrderParamsseparate block by the following fields:



has structure which includes the list of element and the following fields:Element cardAuthInfo secureAuthInfo

pan N..19 no Masked number of the card that was used in payment. Specified only for paid orders.




(includes parameter and element with parameters and ):Element secureAuthInfo eci threeDSInfo cavv xid

eci N..4 no Electronic Commerce Indicator. Set just after the payment order in the case of a permit.

cavv ANS..200 no Cardholder Authentication Verification Value. Set just after the payment order in the case of a permit


Element consits of the following fields:bindingInfo

clientId AN..255 no Client number (ID) in the shop system, transferred during the order registration. Presents only if a shop isallowed to create links.

bindingId AN..255 no The identifier of a link created during order payment or used for payment. Presents only if a shop is allowedto create links.






Response parameters for version 03:



E consists of the following fields:lement paymentAmountInfo


epositedAmount N..20 no Amount confirmed for deposit



consists of the following fields:Element bankInfo




The field may have the following statuses:orderStatus


0 Order registered, but not paid off







Error codes (values of the field):errorCode

Value Description

0 No system error

1 Expected [orderId] или [orderNumber]

2 The order is declined because of an error in the payment credentials

5 Access denied


6 Order not found

7 System error


https://web.rbsuat.com/ab/rest/getOrderStatusExtended.do?userName=userName&password=password&orderId=285b2973-4d02-4980-a54e-57c4d0d2xxx9&language=ru


orderId=285b2973-4d02-4980-a54e-57c4d0d2xxx9&language=ru

Response example:

{"attributes":[],"date":1342007119386,"currency":"810","amount":100,"actionCode":0,"orderNumber":"1212x31334z15","orderDescription":"test","orderStatus":2,"ip":"217.12.97.50","actionCodeDescription":" ","merchantOrderParams":[],"cardAuthInfo":{"expiration":"201512","pan":"411111**1111","approvalCode":"123456","cardholderName":"dsdqdqd","secureAuthInfo":{"eci":5,"threeDSInfo":{"cavv":"AAABCpEAUBNCAHEgBQAAAAAAAAA=","xid":"MDAwMDAwMDEzNDIwMDcxMTk3Njc="}}}}

5.1.7. 3DS enrolled verification request

To inquire about state of 3DS enrolled verification, use the request.verifyEnrollment

Requiest parameters:


userName AN..30 yes User login (API)

password AN..30 yes User password (API)

pan N12...19 yes Card number.



errorCode N3 no Code of the error.

errorMessage AN..512 no Description of the ErrorCode error.

isEnrolled A1 no 3ds enrolled atribute. Available values: Y, N, U.

emitterName AN..160 no Name of the issuer bank

emitterCountryCode AN..4 no Country code of the issuer bank



Значение Описание

0 No system error

1 PAN not specified

1 PAN must be a number from 13 to 19 digits


5 Access denied

6 No info found for specified PAN.

7 System error.


https://web.rbsuat.com/ab/rest/verifyEnrollment.do? userName=api&password=***&pan=4111111111111111


pan=4111111111111111

Response example:

{"errorCode":"0","errorMessage":"","emitterName":"TEST CARD", "emitterCountryCode":"RU","enrolled":"Y"}

5.1.8. Payment by binding request

paymentOrderBinding request is used for performing the payment by bindings (see "Address data for connections (bindings functionality)"section).

Request parameters:


userName AN..30 yes Shop login obtained during connection

password AN..30 yes Shop password obtained during connection

mdOrder ANS36 yes Order number in payment system. Is unique within payment system.

bindingId AN..255 yes The identifier of a link created during order payment or used for payment. Presents only if a shop is allowed to createlinks.

language A2 no Language in ISO 639-1 code. If it is not specified then the language which is specified in shop settings will be used bydefault (default language)

ip NS15 yes Customer IP address

cvc N..3 no CVC code. This parameter is mandatory, if the merchant does not have a permission "Can pay without CVC".

email ANS..* no Customer email address



redirect ANS..* in case of SSL payment URL to which the user is redirected after the payment

info ANS..* yes The result of the payment attempt. Possible values are represented below:


success N1 yes Code of the error

error AN..* in case of error Description of the ErrorCode error

acsUrl ANS..* in case of 3DS payment URL for redirection from ACS

paReq ANS..* in case of 3DS payment Payment Authentication Request

termUrl ANS..* in case of 3DS payment Payment Authentication Request

Possible codes for errors (the field):success

Value Description

0 Success

1 It is necessary to specify CVC2/CVV2, since the merchant does not have a permission to provide payments without CVC.

1 Incorrect CVC format

1 Invalid language

2 No binding found

2 No order found

5 User must change his password

5 Access denied

7 System error


mdOrder=65401edc-3fa1-4112-87fd-a569ca69fb6a&bindingId=41954212-70a7-4eae-8430-90c1a87beda7

Response example:

{"info":"Your order is proceeded, redirecting...", "redirect":"finish.html?login=username&password=testPwd&orderId=65401edc-3fa1-4112-87fd-a569ca69fb6a", "success":0}

5.2. Two-phase payment requests

5.2.1. Order preauthorization request

To register an order in the payment gate use request (see "Address data for connections" section). register.do

Request parameters:






currency N3 yes Code of the payment currency, according to ISO 4217.

returnUrl AN..512 yes Web address that the client should be redirected to after successful payment. Absolute link must be specified.



language A2 no Language according to ISO 639-1. If not specified, the system uses the default language from the merchant'ssettings.


DESKTOP – to upload pages designed for displaying on PC monitors (pages with names payment_<loc and from archive of payment interface pages);ale>.html ocale>.htmlerrors_<l

MOBILE – to upload pages designed for displaying on mobile devices (pages with names mobile_paym and from archive of payment interfaceent_<locale>.html ocale>.htmlmobile_errors_<l

pages);If the merchant has pages with names formed by adding of some prefix to the template part of the pagename, then you can specify necessary prefix in the parameter in order to redirect client to thepageViewcorresponding page. For example, if = then pages with names pageView iphone iphone_payment_<l

and will be used.ocale>.html iphone_error_<locale>.html

Where:



clientId AN..255 no Client number (ID) in the shop system. It is used for bundles functionality implementation. Presents only if ashop is allowed to create links.


jsonParams AN..1024 no Block for sending of merchant additional parameters. Fields of additional information for storage, should besent as:

{"<name1>":"<value1>",...,"<nameN>":"<valueN>"},



If notification of the client is switched on for the merchant, this block should contain parameter with name emai which value is a client's email.l



If the request contains , the parameter is ignoredexpirationDate parameter sessionTimeoutSecs .

expirationDate ANS no Date and time of termination of order life. Format: .yyyy-MM-ddTHH:mm:ss

If this parameter is not specified, the sessionTimeoutSecs parameter is used to determine date and time oftermination of order life.

bindingId AN..255 no Identificator of the binding, that was created earlier. May be used only if the merchant has permission to workwith bindings. If this parameter is sent in the request, that means: 1. This order may be payed only by binding; 2. The payer will be redirected to a payment page, where entering of CVC only is required.






orderId ANS36 no Order number in the payment gate. Unique within the gate. Absent if order registration failed (error is described in err).orCode

formUrl AN..512 no URL of the payment form that the client should be redirectd to. Absent if order registration failed (error is described in e).rrorCode

errorCode N3 no Code of the error that occurres during registration.

errorMessage AN..512 no Description of the error in the language sent in the parameter of the request.language

Error codes (values of the field)errorCodeErrors classification:

Value Description

0 No system error.

1 Order number is duplicated, order with given order number is processed already

3 Unknown currency

4 Mandatory request parameter was not specified


7 System error.


Value Description

0 No system error

1 Order with this number was already processed.

1 Order with this number was registered, but was not paid off.

1 Invalid orderNumber

3 Unknown currency.


4 Empty merchant user name

4 Empty amount

4 Return URL cannot be empty

4 Password cannot be empty


5 Access denied


5 Invalid [jsonParams]

7 System error


https://web.rbsuat.com/ab/rest/register.do?amount=100&currency=810&language=ru&orderNumber=87654321&password=password&returnUrl=https://web.rbsuat.com/ab/finish.html&userName=userName&jsonParams={"orderNumber":1234567890}&pageView=MOBIL&expirationDate=2014-09-08T14:14:14&merchantLogin=merch_child


amount=100&currency=810&language=ru&orderNumber=87654321&returnUrl=https://web.rbsuat.com/ab/finish.html&jsonParams={"orderNumber":1234567890}&pageView=MOBIL&expirationDate=2014-09-08T14:14:14&merchantLogin=merch_child

Response example:

{"orderId":"70906e55-7114-41d6-8332-4609dc6590f4","formUrl":"https://web.rbsuat.com/ab/merchants/test/mobile_payment_ru.html?mdOrder=70906e55-7114-41d6-8332-4609dc6590f4"}




PAN Full card number Luna validation (checking if the card number is real), the number of digits in the card number - from 13 to20

CVC CVC code 3 digits

YYYY,MM

Year, month of cardexpiry

The date in present or future. It the card expiry is a current month, the payment is possible untis the endof the month

TEXT Cardholder name Is not verified

5.2.2.1. Internal MPI .


Only POST request is supported.

Request parameters:






$CVC N..3 yes CVC









jsonParams AN..1024 no Fields of additional information for storage, the type is . These{"param":"value","param2":"value2"}fields may be transferred to the bank processing for their representation in registers.

Fields and its are sent to the bank processing by default (not more than 99orderNumber descriptionsimbols, the following simbols are forbidden to use - %, +, \r, \n).








redirect AN..512 no Address for return after the payment

termUrl AN..512 no Is not used in payments, that does not require additional authentication on Issuing bank ACS.




Name Type

0 No system error

5 There are no payment attempts any more

5 System or intenal error

Request example:

MDORDER=0d4b02cb-5147-4232-9012-4d38c743ahr6& $PAN=5555555555555599&$CVC=123&YYYY=2015&MM=12&TEXT=Card Holder&language=ru


{"redirect":"www.ya.ru?MDORDER=8cfb5c89-c2db-49e4-80c5-a0569c897cbf&ANSWER=%3C%3Fxml+version%3D%221.0%22+encoding%3D%22UTF-8%22%3F%3E%0A%3CPSApiResult+primaryRC%3D%220%22+secondaryRC%3D%220%22%2F%3E&STATE=payment_deposited&ACTION_CODE=0&AUTH_CODE=2","info":"Your order is proceeded,redirecting...","errorCode":0}


{"info":"Your order is proceeded, redirecting...","acsUrl":"https://web.rbsuat.com/acs/auth/start.do","paReq":"eJxVUdFygjAQ/BWG9xKioNQ54tCirQ+oo/QDKNwAVYIGENuvbyJQ60Nmdu8um80ezK/FUbugqPKS\nuzo1TF1DHpdJzlNX/wiXT44+ZxBmAtHfY9wIZBBgVUUpanni6kWVGlRnsPV2eGbQKzEpZIyADFRe\nEXEW8ZpBFJ9fVmtmjaYT0wTSUyhQrHw2BdIB4FGBbI8X5Is8zep1zhHIrQhx2fBafLOJNQYyEGjE\nkWV1fZoR0ratkZZlekRDNEBUB8jdwbZRqJJK1zxhge+13Vn8bMLD9yZM7eDLs4Lw4AJRE5BENbKR\nSS3TNm2NOjPTmVnS+60OUaEsMGrKrvpQR+GkXvEee/9rILMUMurhHwMDvJ5KjnJC5veHgdxdv76r\nFONaxuSveRIvnyfeWxjsNk4QHXJaFZ/V+NIuVba3IaWYy4ioTTtJRYAoGdKvjfQrlehh1b8el7SS\n","termUrl":"https://web.rbsuat.com/:443/ab/rest/finish3ds.do","errorCode":0}


In order to redirect client to ACS, the merchant must perform redirection to the adress specified in the parameter with the body ofacsUrlthe request:

MD=mdorder&PaReq=pareq&TermUrl=termUrl,

Where:

mdorder - unique order number in the payment gate system,pareq - a parameter from the response to the payment request,termUrl - a parameter from the response to the payment request.


5.2.2.1.1. Return to payment gate from ACS



In this scheme issuing bank ACS executes authentication of the cardholder and redirects him to the merchant. from ACS is sent to thePAResmerchant. Then the merchant transfers it to the payment gate by the method.finish3DSPayment.do

Description of is represented below:finish3DSPayment.do

Request parameters:


mdOrder AN..30 yes Order number received after order registration




redirect AN..512 no URL of the payment form, where the client's browser to be redirected.



If = 0 - the payment was executed successfully. For other cases see error description.errorCode


Value Description

0 No system error.

5 Access denied



7 System error

Request example:

https://web.rbsuat.com/ab/rest/finish3dsPayment.do?mdOrder=906bf262-bd53-4ac7-983c-07127954681b&paRes=eJzFV2uTokoS%2FSsTcz8aPYCC6A3HiOKNCshT8BtCyRuUN%2Fz6RXu6p%2B9s78bsbtxYIgyLE5VJnso8%0D%0AlVUbIywhZHToNSXcbiRYVW4Av0T%2B969ZFXzDvm43R6DB6on4qwW%2Bdq%2FwhVi58AVfXvAXlySWL95l%0D%0AQULU8yD0HwYtLKuoyLfYN%2FTbfIO8vU7OSy9083q7cb07JcpbfE4uUXSD%2FHjdZLAUmS25QV4HG%2BSn%0D%0AxbF5jKopxD7ytxIDutcfOypGMigGi8mj2Mlj8n2DPGZsfLeG2zmK4SiBEl%2Bw5Z%2Fo8k9siuaJb24P%0D%0AdyArmsn3nEDRRxQfsc20HCXMvWG7xBcb5P1tA%2FtbkcOH1QZ5H2%2BQn%2BHd3HyLfniw6Zl8T%2BjGsLeb%0D%0AOso%2BDeuJb6rarZtq62yQH6ON57btFgBAUQt%2FlELlvNechTSAt2ei%2B5yygV60RYkpqOn%2FaQXSoCij%0D%0AOsweof4V2CCPUJBnYrcbPQry6WMl%2FNJnaV59%2FxrW9e1PBOm67lu3%2BFaUATKfiCDoGpkm%2BFUU%2FPH1%0D%0A1Qr6Yn4t%2FiMz2s2LPPLcNBrdeqoKCdZh4X95j%2B0zN4b28IQhGku%2FTK5ePAzPXx4IusCIySfyudMP%0D%0AzH7nK78GW1buSxW6j4JGfnG03WjwCh8VAb%2BYmvj96x%2B%2FqQwmCmBV%2FzfRvEXy0cObP8tNG7hlvTHg%0D%0AZld%2BdR0XC5bRZ0wYBGuMX0TS9ze715kb5D38H9xeE%2FlhwV4nhqxy1zVg8vNYF6J7bIQ75sC31BX1%0D%0AvfnyZIdDwMh25uRqdQpmB%2FFgIVlIKGMHfIHB%2FQYfHIkQuagyA0JJOEij%2FEj267KDx4zB6cpEayhj%0D%0A6JGjXBat9Pu51hZ3S7RqlaN3A4Pn%2BpAplzUteVK%2FNnftIfCCarw7pnsiLt3N6B2MtOSdkF%2BC7x%2BS%0D%0A9IPlHg6vrGwCXTNu7b6OaFjW0XWqlmkfkESRLgyaBsE9AJ1IgUDcgWPO6SN0oll6kQDK0%2Fqd18XL%0D%0AglFZilJNILGgp0ewowLZooBjgNQyJA10TOAwlqru2c5nHHsXnnlulNSuo1%2FxA9vJqm6pPWuA46ut%0D%0AZNACdfNpbLjM16hE4TZjsKjESJ0cA1QazV7iigkTn5g0vmOdyrAHCSQ8wEyWCiXasqSeZYDy6rcw%0D%0AKFQOvYxLHFvqGQbsX%2FHKABi1sxhWk8DqaQt6SfT4FD3Yu%2FayULvgvOoY1dnti7MYtp4MnpzBRA0F%0D%0AksjvQMFTYM%2BTfuSWjBpgpBln7c6tBE6PT%2BHRv6yR9c0%2Btyewb7x1d7%2FHzCJvzWU3a3a1I3J3GW9t%0D%0AehYnJExwiyPjNmG4hYai11xIl51iNddRTTlAzlT7djIkvrosh6ELbamzLp6yajDc4y2knxEW7BIj%0D%0AKC3tcj%2Bnii1mME3l9oRdqx0hRLp1FVZwSEEgUQDwceCKT26COuVCQxWKclhOThaLcK1iFH%2BNCrLp%0D%0A9zKcp46PCc1OEsBjfXyx024SD8G%2Fm1uYeqLGUzbVqqPVZ655tttZ5siqEsCf60yHkqDOucE5aaE3%0D%0AspI0LeQT7yXGZFNT0tiO6Z62DNuFnWurtZetW1%2F8tR67Z1xsp3ISmLhd%2Fylf3Gu%2BWCDC87m21XtK%0D%0A7VHcnQdRxicF4h7mzknSghDFB2M%2FiztSSXaIefIBFpArc5cQSGns1nOCXEcFUVbZQbCtWXPylqdy%0D%0AKXIKDq59pLYz%2FoQcJXV1a%2FB1sYLtejBaxy2qlX3ER99UcK2yqW5dOlqjH3GlndfKfn8sMmV3cC86%0D%0AMVVfShdNQpI40hvsJN5flfmpVPPxIdXop1SnKucREQpdvf5%2FSlVmnFHG%2FirVH1h3jP8nqR4fvH5I%0D%0AlX9K9SSHkxSvv%2FIFE9%2Bp2mTA0FSkTm5URl91ScOZHJ64buTqh5lGLC03GbFm6jwOd0fYwt6NB71D%0D%0AQe2eVhgUGjoc4Iq0A4Y%2F2g1g6eKy17BbQcZZ1pIylt2LtPcPdQ0KYi%2BWpzVU5OUMmS10vBaTZl%2Fe%0D%0AZ0vrYAy9TtQZKUzYwhICxW2c%2Bxl0Pt3r3F1suLhq4rCa2XbfdlRTEFUnMkAFVIHz0ZMb9eTsM4F6%0D%0AoihdhwoCbq2PiM6xCEEgYKLP6vIN2TNU91gvQZdY16DygDLO8hq%2FmrKq5fhdISs9tuvbSfA1MnI5%0D%0A9saKf9PWqdO0yhC9WS0ysb2dxkmbj7g0iaUMMHETkM%2Fqc8oXBejaptC2TtGZapqtwKfFKrjTXRyH%0D%0AHXO4uXNLq1K3qfZ8vcJP6TGyUUOYU%2Fc%2BQ8bsOFCxnDf2iRcyFd8HXHZ3UR1yGLgeEWcBTpDdgeWu%0D%0AgDGxynk0LJe0p1z6kp51QNKOjJgeBGVGYOoQ32RuLdCzZL689KZ7O1dz64TMb95xSWa1Kgx25Ki%2F%0D%0AJ1Nq9uiop%2F2bTE1pPbWOJqHtBp%2F5eXPwhjM77Bt8tQo%2B273%2BHsm8S1btJ8nisgF6%2BdldWewXrBNj%0D%0Aduob%2BJsP28rS0dEpwxd24SXzU5G1pjaUDlCnlLPt%2FV7XFB2%2BVNG7tM%2FpS2UkeKdTUd4J3HrG32v7%0D%0AeIgx2tnPdT%2FLmVpC1%2BMSdk17UOvMUwaubWoMoeZJo2p8CfXrCuHJS3XjclU9hXToTYe9DCACqpjl%0D%0APnKUgIpMkT7g0SGIjYt%2F5cANMjiXFDDDiOvcSpXVsrQKkpArgPX22WLQEsbKFQTUVTbat675WPOf%0D%0AHYelkE6lJQD%2BZceRZX%2BJHI2BnN0DWd%2Bdg%2BqCCnmEEGrEqUrSoNJhQeAXWshEyYMhvuOQYbYGGuOL%0D%0AuhK6Mm4oOrGcS6OD7KU0ETskYXSWu5SB2xP3qh1UJmKsBncxEd602JvfrYrq2LkLrd0Mk8hjnB%2FG%0D%0A7naxylHVT7rQOJ15iTUuXhZuMtic3BxPzTK7rDX0s46D%2FDwnIu9nx5%2Bnyud19Hk7ftyfPt6a%2FwFG%0D%0ADPms%0D%0A&userName=login&password=password

Response example:

{"redirect":"http://ya.ru?orderId=906bf262-bd53-4ac7-983c-07127954681b","errorCode":0}

5.2.2.2. External MPI .


Request parameters:






$CVC N..3 yes CVC









jsonParams AN..1024 no Fields of additional information for storage, the type is . These{"param":"value","param2":"value2"}fields may be transferred to the bank processing for their representation in registers. * This functionality canbe switched on during the integration period at the agreement with bank.

In case of external MPI using, RBS expects that payment request contains " " parameter. If thiseach eciparameter value differs from the values used for SSL-authorizations, it is to send " " and " "necessary xid cavvparameters.

* Fields and its are sent to the bank processing by default (not more than 99 simbols, the following simbols areorderNumber descriptionforbidden to use - %, +, \r, \n)



errorCode N..1 да Code of the error that occurred during registration of the order.

error AN..512 нет Description of the error in the language specified in the Language parameter of the request.

info AN..512 нет The result of the payment attempt. Possible values are represented below:


If = 0 and = "Your order is proceeded, redirecting" - the payment was executed successfully. For other cases see erro description.errorCode info


Value Description

0 No system error

5 There are no payment attemps any more

5 System or internal error

Request example:

MDORDER=0d4b02cb-5147-4232-9012-4d38c743ahr6&$PAN=5555555555555599&$CVC=123&YYYY=2015&MM=12&TEXT=CardHolder&language=ru&jsonParams{"eci":"05","xid":"MDAwMDAwMDEzMzkyMjg5ODExNTc=","cavv":"AAABCpEChRM5IomAKFAAAAAAAAA="}

Response example:

{"info":"Your order is proceeded,redirecting...","redirect":"finish.html?orderId=00d4b02cb-5147-4232-9012-4d38c743ahr6","success":0}

5.2.3. Order completion request

Use request to complete preauthorized payment.deposit.do

This operation can be performed if there is a corresponding permission in the system.

Request parameters:






Attention!!! If you specify zero in parameter, completion occurs for the entire pre-authorized amount.amount

Response parameters




Error codes (values of the errorCode field)


Value Description

0 No system error.



7 System error.


Value Description

0 No system error

5 Access denied


5 Invalid amount

5 Deposit amount must be zero, or more than 1 currency unit (e.g. 1 euro).

6 Wrong order number.


7 System error.


https://web.rbsuat.com/ab/rest/deposit.do? amount=100&currency=810&language=ru&orderId=e5b59d3d-746b-4828-9da4-06f126e01b68 &password=testPwd&userName=testtest


amount=100&currency=810&language=ru&orderId=e5b59d3d-746b-4828-9da4-06f126e01b68

Response example:

{"errorCode":0}


To cancel payment of the order, use request. This functionflity is available for a limited period, that is specified by the Bank.reverse.do



Request parameters:











Error codes (values of the errorCode field):


Value Description

0 No system error.



7 System error.


Value Description

0 No system error

5 Access denied



6 No such order


7 Reversal is impossible. Reason: wrong internal values, check hold and deposited amounts.

7 System error.


https://web.rbsuat.com/ab/rest/reverse.do?language=en&orderId=80c45f2e-8db4-4d20-9324-5b784a1fd8c3&password=password&userName=userName


language=en&orderId=80c45f2e-8db4-4d20-9324-5b784a1fd8c3

Response example:

{"errorCode":"0","errorMessage":"Success"}

5.2.5. Refund request.

Use request to refund deposited money.refund.do



Request parameters:










Error codes (values of the field)errorCode

Classification:

Value Description

0 No system error.



7 System error.


Value Description

0 No system error

5 Access denied



6 No such order


7 Wrong deposit amount (less than 1 currency unit, e.g. 1 euro).

7 System error.


https://web.rbsuat.com/ab/rest/refund.do?amount=500&currency=810&language=ru&orderId=5e97e3fd-1d20-4b4b-a542-f5995f5e8208&password=password&userName=userName


amount=500&currency=810&language=ru&orderId=5e97e3fd-1d20-4b4b-a542-f5995f5e8208

Response example:

{"errorCode":0}

5.2.6. Order state request

To get the current state of a registered order send data with method (GET or POST) to the corresponding URL (seegetOrderStatus.do"Address data for connections" section).

The order status should be determined by the value of parameter.OrderStatus field is deprecated.authCode

Request parameters:









OrderStatus N2 no This paramater shows order status in the payment gate. Possible values are listed in the tablebelow. Parameter is absent if no order with the specified ID was found.

ErrorCode N3 no Error code.

ErrorMessage AN..512 no Description of the error in the language sent in the Language parameter of the request.

OrderNumber AN..32 yes Number (identifier) of the order in the merchant's system.

Pan N..19 no Masked number of the card that was used in payment. Specified only for paid orders.



Amount N..20 yes Order amount in minimal currency units (e.g. cents).

currency N3 no Code of the payment currency, according to ISO 4217.

approvalCode AN6 no IPS authorization code. The field has fixed length of six characters, it can contain both numbersand letters.

authCode N3 no This parameter is deprecated. Its value is always "2", regardless of the order status and.processing system authorization code

Ip AN..20 no IP address of the user who payed for the order.

bindingInfo (element consits ofclientId and bindingId):

clientId AN..255 no Number of the client (identifier) in the merchant's system. Used to implement a functional ofligament.May be present, if the merchant is allowed to create the ligament.

bindingId AN..255 no Identificator of the ligament created while paying an order or used to pay for. Present only ifcreation of ligaments is allowed for merchant.

The OrderStatus field may have the following values:


0 Order registered, but not paid off.




4 Transaction was refunded.



Error codes (values of the ErrorCode field):

Value Description

0 No system error

2 The order is declined because of an error in the payment credentials.

5 Access denied



6 Unknown order id

7 System error


https://web.rbsuat.com/ab/rest/getOrderStatus.do? language=ru&orderId=5e97e3fd-1d20-4b4b-a542-f5995f5e8208&password=password&userName=userName


orderId=b8d70aa7-bfb3-4f94-b7bb-aec7273e1fce&language=en

Response example:

{"expiration":"201512","cardholderName":"trtr","depositAmount":789789,"currency":"810","approvalCode":"123456","authCode":2,"clientId":"666","bindingId":"07a90a5d-cc60-4d1b-a9e6-ffd15974a74f","ErrorCode":"0","ErrorMessage":"Success","OrderStatus":2,"OrderNumber":"23asdafaf","Pan":"411111**1111","Amount":789789}

5.2.7. Extended order state request

To inquire about state of a registered order, use the request. getOrderStatusExtended.do

Request parameters




orderId ANS36 yes* Order number in the payment gate. Unique within the gate.

orderNumber AN..32 yes* Number (identifier) of the order in the merchant's system.



* It is necessary to specify whether or in the request. If the request contains both parameters, is a priority.orderId orderNumber orderId

There are 3 sets of response parameters. These sets depend on "getOrderStatusExtended version" specified in merchant settings.

Response parameters for versions 01, 02,03:The following parameters are returned regardless version.getOrderStatusExtended



orderStatus N2 no Order status in the payment gate. The value is selected from the variants listed below. Absent, if nomatching order was found.


actionCodeDescription AN..512 yes Action code description on the language passed in the parameter "Language".


errorMessage AN..512 no Description of the error in the language sent in the Language parameter of the request.


currency N3 no Code of the payment currency, according to ISO 4217. If not specified, assumed to be 810 (Russian rubles).



ip N.. yes IP address of the user who payed for the order.

is present in the reponse if the order contains merchant additional parameters. Each additional parameter is described in aElement merchantOrderParamsseparate block by the following fields:



has structure which includes the list of element and the following fields:Element cardAuthInfo secureAuthInfo

pan N..19 no Masked number of the card that was used in payment. Specified only for paid orders.




(includes parameter and element with parameters and ):Element secureAuthInfo eci threeDSInfo cavv xid

eci N..4 no Electronic Commerce Indicator. Set just after the payment order in the case of a permit.

cavv ANS..200 no Cardholder Authentication Verification Value. Set just after the payment order in the case of a permit


Element consits of the following fields:bindingInfo

clientId AN..255 no Client number (ID) in the shop system, transferred during the order registration. Presents only if a shop isallowed to create links.

bindingId AN..255 no The identifier of a link created during order payment or used for payment. Presents only if a shop is allowedto create links.








E consists of the following fields:lement paymentAmountInfo


epositedAmount N..20 no Amount confirmed for deposit



consists of the following fields:Element bankInfo




The field may have the following statuses:orderStatus


0 Order registered, but not paid off







Error codes (values of the field):errorCode

Value Description

0 No system error

1 Expected [orderId] или [orderNumber]

2 The order is declined because of an error in the payment credentials

5 Access denied


6 Order not found

7 System error


https://web.rbsuat.com/ab/rest/getOrderStatusExtended.do?userName=userName&password=password&orderId=285b2973-4d02-4980-a54e-57c4d0d2xxx9&language=ru


orderId=285b2973-4d02-4980-a54e-57c4d0d2xxx9&language=ru

Response example:

{"attributes":[],"date":1342007119386,"currency":"810","amount":100,"actionCode":0,"orderNumber":"1212x31334z15","orderDescription":"test","orderStatus":2,"ip":"217.12.97.50","actionCodeDescription":" ","merchantOrderParams":[],"cardAuthInfo":{"expiration":"201512","pan":"411111**1111","approvalCode":"123456","cardholderName":"dsdqdqd","secureAuthInfo":{"eci":5,"threeDSInfo":{"cavv":"AAABCpEAUBNCAHEgBQAAAAAAAAA=","xid":"MDAwMDAwMDEzNDIwMDcxMTk3Njc="}}}}

5.2.8. 3DS enrolled verification request

To inquire about state of 3DS enrolled verification, use the request.verifyEnrollment

Requiest parameters:


userName AN..30 yes User login (API)

password AN..30 yes User password (API)

pan N12...19 yes Card number.



errorCode N3 no Code of the error.

errorMessage AN..512 no Description of the ErrorCode error.

isEnrolled A1 no 3ds enrolled atribute. Available values: Y, N, U.

emitterName AN..160 no Name of the issuer bank

emitterCountryCode AN..4 no Country code of the issuer bank


Значение Описание

0 No system error

1 PAN not specified

1 PAN must be a number from 13 to 19 digits


5 Access denied

6 No info found for specified PAN.

7 System error.


https://web.rbsuat.com/ab/rest/verifyEnrollment.do? userName=api&password=***&pan=4111111111111111


pan=4111111111111111

Response example:

{"errorCode":"0","errorMessage":"","emitterName":"TEST CARD", "emitterCountryCode":"RU","enrolled":"Y"}

5.2.9. Payment by binding request

paymentOrderBinding request is used for performing the payment by bindings (see "Address data for connections (bindings functionality)"section).

Request parameters:


userName AN..30 yes Shop login obtained during connection

password AN..30 yes Shop password obtained during connection

mdOrder ANS36 yes Order number in payment system. Is unique within payment system.

bindingId AN..255 yes The identifier of a link created during order payment or used for payment. Presents only if a shop is allowed to createlinks.

language A2 no Language in ISO 639-1 code. If it is not specified then the language which is specified in shop settings will be used bydefault (default language)

ip NS15 yes Customer IP address

cvc N..3 no CVC code. This parameter is mandatory, if the merchant does not have a permission "Can pay without CVC".

email ANS..* no Customer email address



redirect ANS..* in case of SSL payment URL to which the user is redirected after the payment

info ANS..* yes The result of the payment attempt. Possible values are represented below:


success N1 yes Code of the error

error AN..* in case of error Description of the ErrorCode error

acsUrl ANS..* in case of 3DS payment URL for redirection from ACS

paReq ANS..* in case of 3DS payment Payment Authentication Request

termUrl ANS..* in case of 3DS payment Payment Authentication Request

Possible codes for errors (the field):success

Value Description

0 Success

1 It is necessary to specify CVC2/CVV2, since the merchant does not have a permission to provide payments without CVC.

1 Incorrect CVC format

1 Invalid language

2 No binding found

2 No order found

5 User must change his password

5 Access denied

7 System error


mdOrder=65401edc-3fa1-4112-87fd-a569ca69fb6a&bindingId=41954212-70a7-4eae-8430-90c1a87beda7

Response example:

{"info":"Your order is proceeded, redirecting...", "redirect":"finish.html?login=username&password=testPwd&orderId=65401edc-3fa1-4112-87fd-a569ca69fb6a", "success":0}

6. Test cardsВ качестве Cardholder name (Имя владельца карты) указывайте от 2 слов в английской раскладке. / Use two or more words in Romanletters as the name of the cardholder.

Для всех карт, вовлечённых в 3-D Secure ( ) пароль на ACS: 12345678. / For cards involeved into 3-D Secure (veres=y, pares=y или a veres=y,) ACS password is 12345678.pares=y or a

Тестовые карты / Test cards:

pan: 4111 1111 1111 1111 exp date: 2019/12

cvv2: 1233dsecure: veres=y, pares=y

pan: 5100 0000 0000 0008 exp date: 2017/12


pan: 6011 0000 0000 0004 exp date: 2019/12


pan: 6390 0200 0000 000003 exp date: 2019/12

cvv2: 123(необязательный параметр)

3dsecure: veres=y, pares=a

pan: 5555 5555 5555 5599 exp date: 2019/12

cvv2: 1233dsecure: veres=n

pan: 4444 0000 0000 1111 exp date: 2019/12

cvv2: 1233dsecure: veres=n

pan: 2200 0000 0000 0004 :exp date 2019/12

cvc: 1233dsecure: veres=n

pan: 2200 0000 0000 0012 :exp date 2019/12

cvc: 1233dsecure: veres=y pares=n

pan: 2200 0000 0000 0020 :exp date 2019/12

cvc: 1233dsecure: veres=u

Тестовая среда не предназначена для нагрузочного тестирования - в случае необходимости проведения такого тестированияТСП должно обратиться в Банк.

pan: 2200 0000 0000 0038 :exp date 2019/12

cvc: 1233dsecure: veres=y pares=u

pan: 2200 0000 0000 0046 :exp date 2019/12

cvc: 1233dsecure: veres=y pares=a

pan: 2200 0000 0000 0053 :exp date 2019/12

cvc: 1233dsecure: veres=y pares=y

Карта МИР

pan: 2200 0000 0000 0053 exp date: 2019/12 cvv2: 1233dsecure: VeRes=Y, PaRes=Y

Карта МИР

pan: 2200 0000 0000 0046 exp date: 2019/12 cvv2: 1233dsecure: VeRes=Y, PaRes=A

Карта МИР

pan: 2200 0000 0000 0012exp date: 2019/12 cvv2: 1233dsecure: VeRes=Y, PaRes=N

Карта МИР

pan: 2200 0000 0000 0038exp date: 2019/12 cvv2: 1233dsecure: VeRes=Y, PaRes=U

Карта МИР

pan: 2200 0000 0000 0020exp date: 2019/12 cvv2: 1233dsecure: VeRes=U

Карта МИР

pan: 2200 0000 0000 0004exp date: 2019/12 cvv2: 1233dsecure: VeRes=N

Карты, возвращающие ошибки /Cards returning errors:

pan: 5555 5555 5555 5557 exp date: 2019/12

cvv2: 1233dsecure: veres=y, pares=u

pan: 4444 3333 2222 1111 exp date: 2019/12

cvv2: 1233dsecure: veres=y, pares=u

Declined. PaRes status is U (-2011)

pan: 4000 0000 0000 0002 exp date: 2019/12

cvv2: 1233dsecure: veres=u

pan: 5555 5555 4444 4442 exp date: 2019/12

cvv2: 1233dsecure: veres=u

Declined. VeRes status is U (-2016)

pan: 4444 4444 4444 4422 exp date: 2019/12

cvv2: 123

Invalid message format (913)

pan: 4444 4444 4444 4455 exp date: 2019/12

cvv2: 123

Card limitations exceeded (902)

pan: 4444 4444 4444 3333 exp date: 2019/12

cvv2: 123

Limit exceeded (123)

pan: 4444 4444 4444 6666 exp date: 2019/12

cvv2: 123

BLOCKED_BY_LIMIT (-20010)

pan: 4444 4444 1111 1111 exp date: 2019/12

cvv2: 123

Network refused transaction (5)

pan: 4444 4444 9999 9999 exp date: 2019/12

cvv2: 123

TDSEC_COMM_ERROR (151017)

pan: 5432 5432 5432 5430 exp date: 2018/08

cvv2: 521

INSUFFICIENT_FUNDS (116)

7. Address data for connectionsEmployees of a merchant can access the console or make API requests using logins and passwords of a user associated with the merchant.

Description of the test service (WSDL) can be found at the address .webservices/merchant-ws?wsdlhttps://web.rbsuat.com/ab/

URLs for access to REST methods:

Method name URL

Order registration rest/register.dohttps://web.rbsuat.com/ab/

Preauthorized order registration rest/registerPreAuth.dohttps://web.rbsuat.com/ab/

Request for order completion rest/deposit.dohttps://web.rbsuat.com/ab/

Order payment request rest/paymentorder.dohttps://web.rbsuat.com/ab/

Finish3ds request rest/finish3dsPayment.dohttps://web.rbsuat.com/ab/

Order reversal request rest/reverse.dohttps://web.rbsuat.com/ab/

Refund request rest/refund.dohttps://web.rbsuat.com/ab/

Request for status of an order rest/getOrderStatus.dohttps://web.rbsuat.com/ab/

Request for extended status of an order rest/getOrderStatusExtended.dohttps://web.rbsuat.com/ab/

3DS enrolled verification request rest/verifyEnrollment.dohttps://web.rbsuat.com/ab/

Payment by binding request rest/paymentOrderBinding.dohttps://web.rbsuat.com/ab/

8. Appendix 1. Response codes - actionCode description (processinganswer)Код ответа – это цифровое обозначение результата, к которому привело обращение к системе со стороны пользователя. В системеопределены следующие коды:

Action code – digital code of a result received after a client addressed to the system. The following codes exist in the system:

Actioncode

error_id error_message Описание / Description Рекомендованные сообщения для Клиента /Recommended messages for a Client

-20010 -20010 BLOCKED_BY_LIMIT Транзакция отклонена по причине того, что размерплатежа превысил установленные лимитыБанком-эмитентом / Transaction is rejected since the amount exceeds limitsspecified by the Issuing bank

Ошибка проведения платежа. Попробуйте позднее. Еслиданная ошибка возникла повторно, обратитесь в Ваш банкдля разъяснения причин. Телефон банка должен бытьуказан на обратной стороне карты. /

Payment error. If this error occures repeatedly,Try again later.please contact your bank for more details. You can find banktelephone number on the back side of your bank card.

-9000 -9000 Started Состояние начала транзакции / State of transactionstart

При возникновении данного actionCode сообщение Клиентуне отображается.

-3003 -3003 Неизвестно Неизвестно / Unkown Ошибка проведения платежа. Попробуйте позднее. /Payment error. Please try again later.

https://web.rbsuat.com/ab/webservices/merchant-ws?wsdl

https://web.rbsuat.com/ab/rest/register.do

https://web.rbsuat.com/ab/rest/registerPreAuth.do

https://web.rbsuat.com/ab/rest/deposit.do

https://web.rbsuat.com/ab/rest/paymentorder.do

https://web.rbsuat.com/ab/rest/finish3dsPayment.do

https://web.rbsuat.com/ab/rest/reverse.do

https://web.rbsuat.com/ab/rest/refund.do

https://web.rbsuat.com/ab/rest/getOrderStatus.do

https://web.rbsuat.com/ab/rest/getOrderStatusExtended.do

https://web.rbsuat.com/ab/rest/verifyEnrollment.do

https://web.rbsuat.com/ab/rest/paymentOrderBinding.do

-2102 -2102 Блокировка по именипассажира

Блокировка по имени пассажира / Regect by apassanger name

Ошибка проведения платежа. Обратитесь к представителю для разъяснения причин. /магазина

Payment error. lease contact representative of the merchantPfor more details.

-2101 -2101 Блокировка по e-mail Блокировка по e-mail / Reject by email Ошибка проведения платежа. Обратитесь к представителю для разъяснения причин. /магазина


-2020 -2020 Получен неверный ECI Получен неверный ECI. Код выставляется в томслучае, если пришедший в PaRes ECI несоответствует допустимому значению для даннойМПС. Правило работает только для Mastercard(01,02) и Visa (05,06), где значения в скобках -допустимые для МПС. / Invalid ECI. This code means that ECI received in PaResis not valid for the IPS. The rule applies only toMastercard (available values - 01,02) and Visa (availablevalues - 05,06).

Ошибка проведения платежа. Попробуйте позднее. /Payment error. Please try again later.

-2019 -2019 Decline by iReq in PARes PARes от эмитента содержит iReq, вследствие чегоплатеж был отклонен / PARes from the issuing bank contains iReq, whichcaused the payment rejection



-2018 -2018 Declined. DS connection timeout Directory server Visa или MasterCard либо недоступен,либо в ответ на запрос вовлеченности карты (VeReq)пришла ошибка связи. Это ошибка взаимодействияплатежного шлюза и серверов МПС по причинетехнических неполадок на стороне последних. / There is no access to Directory server Visa or MaterCardor a connection error occured after card involvementrequest (VeReq). This is an error of interacion betweenpayment gate and IPS servers due to technical problemson the side of IPS servers.


-2017 -2017 Отклонено. Статус PARes-а не"Y"

Отклонено. Статус PARes-а не "Y"/ Rejected. PAResstatus is not "Y"



-2016 -2016 Declined. VeRes status isunknown

Банк-эмитент не смог определить, является ли карта3dsecure. / Issuing bank could not determine if the cardis 3dsecure.



-2015 -2015 Decline by iReq in VERes VERes от DS содержит iReq, вследствие чего платежбыл отклонен. / VERes from DS contains iReq, whichcaused the payment rejection.



-2013 -2013 Исчерпаны попытки оплаты Исчерпаны попытки оплаты. / All payment attemptswere used.


-2012 -2012 Operation not supported Данная операция не поддерживается. / This operationis not supported.


-2011 -2011 Declined. PaRes status isunknown

Банк-эмитент не смог провести авторизацию3dsecure-карты / Issuing bank was not able to perform3dsecure card authorization.



-2010 -2010 Несовпадение XID Несовпадение XID. / Mismatching of XID. Ошибка проведения платежа. Попробуйте позднее. Еслиданная ошибка возникла повторно, обратитесь в Ваш банкдля разъяснения причин. Телефон банка должен бытьуказан на обратной стороне карты. /


-2008 -2008 Неверный кошелёк Неверный кошелёк. / Wrong purse. Данный actionCode больше не используется.

-2007 2007 Decline. Payment time limit Истек срок, отведенный на ввод данных карты смомента регистрации платежа (таймаут поумолчанию - 20 минут; продолжительность сессииможет быть указана при регистрации заказа; если умерчанта установлена привилегия "Нестандартнаяпродолжительность сессии", то берётся период,указнанный в настройках мерчанта). /

The period allotted for card details entering has expired(by default timeout is 20 minutes; session duration maybe specified while order registering; if the merchant has"Alternative session timeout" permission, then timeoutduration is specified in merchant settings).


-2006 2006 Decline. 3DSec decline Означает, что эмитент отклонил аутентификацию(3DS авторизация не пройдена) / Means that issuingbank rejected authentication (3DS authorization has notbeen performed).



-2005 2005 Decline. 3DSec sign error Означает, что мы не смогли проверить подписьэмитента, то есть PARes был читаемый, но подписанневерно. / Means that RBS could not check issuingbank sign, i.e. PARes was readable, but the sign waswrong.



-2003 -2003 Блокировка по порту Блокировка по порту. / Blocking by port. Данный actionCode больше не используется.

-2002 2002 Decline. Payment over limit Транзакция отклонена по причине того, что размерплатежа превысил установленные лимиты. Примечание: имеется в виду либо лимитыБанка-эквайера на дневной оборот Магазина, либолимиты Магазина на оборот по одной карте, либолимит Магазина по одной операции. / Transaction was rejected because payment amountexceeded established limits. Note: it could be limit of daywithdrawal established by Bank-acquirer, or limit oftransaction by one card established by a merchant, orlimit for one transaction established by a merchant.


Payment error. Please contact representative of the merchantfor more details.

-2001 2001 Decline. IP blacklisted Транзакция отклонена по причине того, что IP-адресКлиента внесен в черный список. / Transaction isrejected since Client's IP-address is in the black list.



-2000 2000 Decline. PAN blacklisted Транзакция отклонена по причине того, что картавнесена в черный список. / Transaction is rejectedsince card number in in the black list.



-102 -102 Платеж отменен платежнымагентом

Платеж отменен платежным агентом. / The paymentwas cancelled by the payment agent.



-100 -100 no_payments_yet Не было попыток оплаты. / There were not paymentattempts.


-1 -1 sv_unavailable Истекло время ожидания ответа от процессинговойсистемы. / The timer of waiting of processing responsehas expired.


0 0 Approved. Платеж успешно прошел. / Payment has beenperformed successfully.

Операция успешна. / Successful transaction.

1 1 Declined. Honor with id Для успешного завершения транзакции требуетсяподтверждение личности. В случаеинтернет-транзакции (соот-но и в нашем)невозможно, поэтому считается как declined. / Proof ofidentity is necessary for successful completion of thetransaction. In case of internet transaction (our case) it isimpossible, so transaction is considered as declined.



5 5 Decline. Unable to process Отказ сети проводить транзакцию. / Refuse of networkto process transaction.



15 15 DECLINED_BY_BADINSTIT МПС не смогла определить эмитента карты. / IPScannot identify the issuing bank.

Ошибка проведения платежа. Попробуйте позднее. Еслиданная ошибка возникла повторно, обратитесь в Ваш банкдля разъяснения причин. Телефон банка должен бытьуказан на обратной стороне карты. / Payment error. Try again

If this error occures repeatedly, please contact your banklater.for more details. You can find bank telephone number on theback side of your bank card.

53 53 DECLINED_BY_INVALID_ACCT Карты не существует в системах процессинга. / Thecard does not exist in processing systems.

Операция отклонена. Обратитесь в магазин. / Paymentdeclined. Please, contact with merchant.

100 100 Decline. Card declined Ограничение по карте (Банк эмитент запретилинтернет транзакции по картe). / Card limits (Issuingbank forbade internet transactions by the card).



101 101 Decline. Expired card Истек срок действия карты. / Card is expired. Проверьте правильность ввода карточных данных. Еслиданная ошибка возникла повторно, обратитесь в Ваш банкдля разъяснения причин. Телефон банка должен бытьуказан на обратной стороне карты. /

Ch verify entered card details. If thiseck your card balance anderror occures repeatedly, please contact your bank for moredetails. You can find bank telephone number on the back sideof your bank card.

103 103 Decline. Call issuer Нет связи с Банком-Эмитентом. Торговой точкенеобходимо связаться с банком-эмитентом. / There isno connection with the Issuing bank. Sales oulet need tocontact Issuing bank.



104 104 Decline. Card declined Попытка выполнения операции по счету, наиспользование которого наложены ограничения. /This is an attempt to perform a transaction by an accountthat has restrictions for use.



106 106 Превышено допустимое числопопыток ввода ПИН. Вероятнокарта временнозаблокирована.

Превышено допустимое число попыток ввода ПИН.Вероятно карта временно заблокирована. / Themaximum number of attempts to enter PIN is exceeded.It is possible that the card is blocked temporary.



107 107 Decline. Call issuer Следует обратиться к Банку-Эмитенту. / Please,contact Issuing bank.



109 109 Decline. Invalidnj merchant Неверно указан идентификатор мерчанта/терминалаили АСС заблокирован на уровне процессинга. / Merchant/terminal identifier is incorrect or ACC isblocked on the processing level.

Ошибка проведения платежа. Попробуйте позднее. Еслиданная ошибка возникла повторно, обратитесь кпредставителю магазина для выяснения дальнейшихдействий. /

Payment error. If this error occures repeatedly,Try again later.please contact representative of the merchant for more details.

110 110 Decline. Invalid amount Предпринята попытка выполнить транзакцию насумму, превышающую лимит, заданныйбанком-эмитентом. / Attempt to perform a transaction ofamount exceeding Issuing bank limit.



111 111 Decline. No card record Неверный номер карты. / Card number is incorrect.йв Проверьте правильность ввода карточных данных. Еслиданная ошибка возникла повторно, обратитесь в Ваш банкдля разъяснения причин. Телефон банка должен бытьуказан на обратной стороне карты. /

Ch verify entered card details. If thiseck your card balance anderror occures repeatedly, please contact your bank for moredetails. You can find bank telephone number on the back sideof your bank card.

116 116 Decline. Not enough money Сумма транзакции превышает доступный остатоксредств на выбранном счете. / Transaction amountexceeds the available balance of the selected account.



117 117 INCORRECT PIN Неверно указан пин код (не для интернеттранзакций). / Incorrect PIN (not for internettransactions).



118 118 Сервис не разрешен Сервис не разрешён (отказ от эмитента). / Service is not allowed .(rejection came from the issuer)



119 119 Decline.SECURITY_VIOLATION из SV

Транзакция незаконна. / Illegal transaction. Ошибка проведения платежа. Попробуйте позднее. Еслиданная ошибка возникла повторно, обратитесь в Ваш банкдля разъяснения причин. Телефон банка должен бытьуказан на обратной стороне карты. /


120 120 Decline. Not allowed Отказ в проведении операции - транзакция неразрешена эмитентом. Код ответа платежной сети -57. Причины отказа необходимо уточнять у эмитента.

/ Refusal to perform the operation - the transaction is notallowed by Issuing bank. Response code of the IPS - 57.Reasons for rejection should be specified an the issuingbank.



121 121 Decline. Excds wdrwl limt Предпринята попытка выполнить транзакцию насумму, превышающую дневной лимит, заданныйбанком-эмитентом. / This is an attempt to performtransaction of amount exceeding the day limitestablished by the issuing bank.



123 123 Decline. Excds wdrwl ltmt Превышен лимит на число транзакций: клиентвыполнил максимально разрешенное числотранзакций в течение лимитного цикла и пытаетсяпровести еще одну. / The client has performed themaximum number of transactions during the limit cycleand tries to perform another one.



125 125 Decline. Card declined Неверный номер карты. Подобная ошибка можетозначать ряд вещей: Попытка возврата на сумму,больше холда, попытка возврата нулевойсуммы. Для AmEx - неверно указан срок действиякарты. / Card number is incorrect. This error may have severalmeanings: Attempt to perform a refund of amountexceeding the hold amount; Attempt to refund zeroamount; for AmEx - expiry date is specified incorrectly.

Проверьте правильность ввода карточных данных. Еслиданная ошибка возникла повторно, обратитесь в Ваш банкдля разъяснения причин. Телефон банка должен бытьуказан на обратной стороне карты. /Ch verify entered card details. If thiseck your card balance anderror occures repeatedly, please contact your bank for moredetails. You can find bank telephone number on the back sideof your bank card.

208 208 Decline. Card is lost Карта утеряна. / Card is lost. Ошибка проведения платежа. Попробуйте позднее. Еслиданная ошибка возникла повторно, обратитесь в Ваш банкдля разъяснения причин. Телефон банка должен бытьуказан на обратной стороне карты. /


209 209 Decline. Card limitationsexceeded

Превышены ограничения по карте. / Card limitationsexceeded.



400 400 Реверсал обработан. Реверсал обработан. / Reversal is processed. Произведена отмена платежа. / Payment has been reversed.

902 902 Decline. Invalid trans Ограничение по карте (Владелец карты пытаетсявыполнить транзакцию, которая для него неразрешена). / Card limitations (Cardholder tries toperform a transaction that is forbidden for him).



903 903 Decline. Re-enter trans. Предпринята попытка выполнить транзакцию насумму, превышающую лимит, заданныйбанком-эмитентом. / Attempt to perform a transaction ofamount exceeding Issuing bank limit.



904 904 Decline. Format error Ошибочный формат сообщения с точки зрения банкаэмитента. / The message format is incorrect in terms ofthe issuing bank.



907 907 Decline. Host not avail. Нет связи с Банком, выпустившим Вашу карту. Дляданного номера карты не разрешена авторизация врежиме stand-in (этот режим означает, что эмитентне может связаться с платежной сетью и поэтомутранзакция возможна либо в оффлайне споследующей выгрузкой в бэк офис, либо она будетотклонена). / There is no connection with the Issuing bank.Authorization in stand-in mode is not allowed for thiscard number (this mode means that the Issuing bank isunable to connect to the IPS, and therefore thetransaction can be either offline with further unloading toback office, or it can be declined).



909 909 Decline. Call issuer Невозможно провести операцию (Ошибкафункционирования системы, имеющая общийхарактер. Фиксируется платежной сетью илибанком-эмитентом). / Operation is impossible (Generalerror of the system functioning. May be detected by IPSor the Issuing bank).



910 910 Decline. Host not avail. Банк-эмитент недоступен. / Issuing bank is notavailable.



913 913 Decline. Invalid trans Неверный формат сообщения (Неправильныйформат транзакции с точки зрения сети). / Themessage format is incorrect in terms of IPS.



914 914 Decline. Orig trans not found Не найдена транзакция (когда посылаетсязавершение или reversal или refund). / Transaction isnot found (when sending a completion, reversal or refundrequest).

При возникновении данного actionCode сообщение Клиенту.не отображается

999 999 Declined by fraud Отсутствует начало авторизации транзакции.Отклонено по фроду или ошибка 3dsec. / Thebeginning of the transaction authorization is missed.Declined by fraud.



1001 1001 Decline. Data input timeout Пусто (Выставляется в момент регистрациитранзакции, т.е. когда еще по транзакции не быловведено данных карт). / Empty (is specified at themoment of transaction authorization, when card detailsare not entered yet).


1004 1004 Стадия авторизации 1 Стадия авторизации 1. / Authorization phase 1. При возникновении данного actionCode сообщение Клиентуне отображается.

1005 1005 Стадия авторизации 2 Стадия авторизации 2. / Authorization phase 2. При возникновении данного actionCode сообщение Клиентуне отображается.

2001 2001 Decline. Fraud Фродовая транзакция (по мнению процессинга илиплатежной сети). / Fraud (in terms of IPS).



2002 2002 Неверная операция Неверная операция. / Incorrect operation. Ошибка проведения платежа. Попробуйте позднее. Еслиданная ошибка возникла повторно, обратитесь кпредставителю магазина для выяснения дальнейшихдействий. /


2003 2003 Decline. SSL restricted SSL (Не 3d-Secure/SecureCode) транзакциизапрещены Магазину. / SSL (not3D-Secure/SecureCode) transactions are forbidden forthe Merchant.



2004 2004 SSL without CVC forbidden Оплата через SSL без ввода CVС2 запрещена. /Payment through SSL without CVC2 is forbidden.



2005 2005 3DS rule failed Платеж не соотвествует условиям правила проверкипо 3ds. / Payment does not meet terms of the rule of 3dsvalidation.



2006 2006 Однофазные платежизапрещены

Однофазные платежи запрещены. / One-phasepayments are forbidden.



2007 2007 Заказ уже оплачен Заказ уже оплачен. / The order is payed. Заказ уже оплачен. / The order has already been paid.

2008 2008 Транзакция ещё не завершена Транзакция ещё не завершена. / The transaction is notcompleted.


2009 2009 Сумма возврата превышаетсумму оплаты

Сумма возврата превышает сумму оплаты. / Refundamount exceeds deposited amount.

Сумма возврата превышает сумму оплаты. / The refundamount exceeds the amount deposited.

2014 2014 Ошибка выполнения3DS-правила

Ошибка выполнения 3DS-правила / Error of 3DS ruleexecution.



2015 2015 Terminal select rule error Ошибка выполнения правила выбора терминала(правило некорректно). / Terminal select rule error (ruleis incorrect).

Ошибка проведения платежа. Обратитесь к представителюмагазина для выяснения дальнейших действий. /


2016 2016 TDS_FORBIDDEN Мерчант не имеет разрешения на 3-D Secure,необходимое для проведения платежа. / 3-D Securepayment is necessary, but the merchant does not havepermission for 3-D Secure payment.

Ошибка проведения платежа. Обратитесь к представителюмагазина для выяснения дальнейших действий. /


9001 9001 RBS internal error Внутренний код отказа РБС. / RBS internal error. Ошибка проведения платежа. Попробуйте позднее. /Payment error. Please try again later.

71015 1015 Decline. Input error Введены неправильные параметры карты. / Enteredcard details are incorrect.

Проверьте правильность ввода карточных данных. Еслиданная ошибка возникла повторно, обратитесь в Ваш банкдля разъяснения причин. Телефон банка должен бытьуказан на обратной стороне карты. /Ch verify entered card details. If thiseck your card balance anderror occures repeatedly, please contact your bank for moredetails. You can find bank telephone number on the back sideof your bank card.

151017 1017 Decline. 3DSec comm error 3-D Secure - ошибка связи. / 3-D Secure -communication error.



151018 018 Decline. Processing timeout Таймаут в процессинге. Не удалось отправить. /Processing timeout. Sending is failed.



151019 1019 Decline. Processing timeout Таймаут в процессинге. Удалось отправить, но неполучен ответ от банка. / Processing timeout. Sendingis success, response from the bank was not received.



341014 1014 Decline. General Error Код отказа РБС. / RBS general error. Ошибка проведения платежа. Попробуйте позднее. Еслиданная ошибка возникла повторно, обратитесь кпредставителю магазина для выяснения дальнейшихдействий. /


payment with card details entering on the merchant side- af

Documents